Multimode heterogeneous iot networks

ABSTRACT

A novel IOT network, methods of making, structure and functions, and method of use are disclosed.

1. CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of Ser. No. 16/605,191 filed on Jul.22, 2019. The disclosure of U.S. Pat. No. 9,912,983, titled “Method andSystem for Efficient Communication,” which issued from application Ser.No. 15/626,192, and which names Teijun Wang and Tiehong Wang asinventors, is hereby incorporated herein by reference.

2. DEFINITIONS

Sensor—A device which provides an output that varies with a physicalproperty.

Sensitivity—How much a sensor's output changes with a change of thephysical property.

Sampling rate—Number of sensor sample values for a physical property ina given period of time.

Random error—Differences in repeated measurements of an presumablyconstant value for a physical quantity.

Precision—Statistical variability of repeated measurements of a value ofa physical property. Precision is limited by random error.

Systematic error—An error having a nonzero mean, so that its effect isnot reduced when multiple observations are averaged.

Resolution—Number of discrete values that can be represented for adefined range of values. Resolution is determined by the number of bitsused for representing values in the defined range.

Analog representation—Representing information using continuous values.

Analog data—Continuous values.

Analog value—A value of information represented as analog data.

Digital representation—Representing information using discrete values.

Digital data—Discrete values.

Digital value—A value for information represented as digital data.

Bit—A value that has one of two values, zero or one.

Binary—A base 2 numbering system using bits.

Binary sequence—A sequence of bits.

Binary representation—Representing information in binary.

Binary data—Discrete values represented in binary.

Binary value—A value for information represented as binary data.

Computer—A machine or device that performs processes, calculations, andoperations based on instructions provided by a software or hardwareprogram.

Computer system—A set of computers that share (can communicate with,store data on, and read data from) the same data storage.

Telecommunication Transmission of signs, signals, messages, words,writings, images, sounds or information of any nature by wire, radio,optical or other electromagnetic systems.

Link—A communication channel that connects two or more devices.

Network node—An active electronic device that is capable of receivingand transmitting information over a communications channel to at leastone other node of the network.

Node—A network node.

MAC—Media Access Controller.

Frame—A binary sequence comprising source and destination device MACaddresses, and a message. A message of a frame is also referred to as apayload.

Packet—A binary sequence comprising source and destination addresses,and a message. A message of a packet is also referred to as a payload.

Data transmit unit—A packet or frame.

Ad hoc network—A network in which determination of which nodes forwarddata is made dynamically on the basis of network connectivity data andat least one routing algorithm.

Packet Switched network—(PSN) A network in which packets are routedthrough a network based on the address information contained within eachpacket.

Wide Area Network—(WAN) a geographically distributed network in whichnodes of the network extend beyond a one kilometer radius.

Local Area Network—(LAN) Geographically localized network in which nodesof the network are generally within one hundred meters of one anotherand share a common communications line or wireless link.

Cellular network—A network where the last link is wireless.

Mobile network—Another name for a cellular network.

1G, 2G, 3G, 4G, and 5G are acronyms for “first generation” through“fifth generation”

1G, 2G, 3G, 4G, and 5G also refer to sets of standards used for mobiledevices and mobile telecommunications use services and networks.

WiFi—The IEEE 802.11x specification for defining communication over awireless LAN.

Internet of Things (IOT)—Extension of Internet connectivity to physicaldevices and sensors.

Wireless sensor network—(WSN) A group of spatially dispersed nodes inwhich each node is connected to one or more sensors for monitoring andrecording the physical conditions of the environment and transmittingthe collected data via other nodes of the network to a central location.Typically, a WSN is an ad hoc network.

Communication parameters—Bandwidth, data rate, latency, transmittedpower, size of data package, data package structure, modulation scheme,coding scheme, receiving sensitivity, nodes of network, and nodestructure.

Network topology—Description of the links between nodes, which includethe bus, ring, star, mesh, tree, and hybrid topologies.

Network structure—Network nodes, node addresses, node object code, datalookup tables, such as routing tables, packet priorities, routingpriorities, and path priorities, and topology.

Data rate—The rate at which data is transmitted from one node toanother.

Bandwidth—The maximum data rate at which data is transmitted from onenode to another.

Latency—The amount of time for a message transmitted from a source toreach its destination.

Traffic shaping—Regulating network packets in a PSN.

Quality Of Service (QOS)—And technology on a PSN that manages datatraffic to reduce packet loss, latency, and/or jitter.

BPSK—An acronym meaning Binary Phase Shift Keying

QPSK—An acronym meaning Quadrature Phase Shift Keying

Edge computing—Processing data in a network near where sensor data isgenerated instead of at a centralized data-processing warehouse.

Edge device—A device which provides an entry point into networks, suchas routers and digital switches.

Fog computing—Using edge devices to process data and transmit results ofprocessing to the network.

Software Defined Radio—(SDR) is a radio communication system wherecomponents that have been traditionally implemented in hardware (e.g.mixers, filters, amplifiers, modulators/demodulators, detectors, etc.)are instead implemented by means of software on a computer or embeddedsystem.

TCP/IP—An acronym for transmission control protocol/Internet protocol,which is a specification defining connection of computer systems to theInternet.

UDP—An acronym for User Datagram Protocol.

Base radio station—A transceiver connecting a number of other devices toone another or to a network.

Analog to digital converter (ADC)—An electronic circuit that converts ananalog value to a digital representation of that value.

Cloud center—A logical cluster of computers that share resources and areavailable for cloud computer.

Cloud computing—The on demand availability of computer system resources,especially data storage and computing power, without direct activemanagement by the user.

ID—Identification.

Preferably—Preferably herein means a feature that can be included.

and/or—This phrase means the alternatives for requiring both andrequiring only one or the other.

Hash function, also called a one-way hash function—A function whoseinput is any digital value and whose output is a value which, whenrepresented in binary, always has the same number of bits. The samenumber of bits represent any output of a hash function, regardless ofthe digital value input to the hash function.

A hash—A digital value output from a hash function resulting fromapplying the hash function to a digital value input to the hashfunction. A hash is conventionally represented in binary as a binarysequence.

Message authentication—Confirming a message comes from a source deviceindicated in the message, or optionally from also from the sourcedevices's location and time indicated in the message.

Network packet—A formatted unit of data carried by a packet-switchednetwork, consisting of packet control data and packet payload.

Packet control data—Data providing information for delivering thepayload, such as source and destination network addresses, errordetection codes, and sequencing information.

Typically, control information is found in packet headers and trailers.

Packet payload—Data contained in a packet representing information to betransmitted, also referred to as a message.

Packet header—Binary values at the beginning or front of a packet thatprecedes the payload and contain packet control data.

Packet header—Binary values at that follow after or behind the packetpayload that contain packet control data, such as an end-of-packetidentifier, and a packet checksum value.

GPS—Global Positioning System

Seed—A number or vector input to a pseudo random number generatorfunction.

Salt—One of two values stored in memory in association with one another,in which the other value is a hash of a concatenation the salt and avalue comprising an identifier (such as a password).

AES (Advanced Encryption Standard)—A symmetric block cipher.

RSA (Rivest-Shamir-Adleman)—A public-key crypto-system.

Multicast—Transmission from one sender to many recipients.

IP multicast—A network protocol in which certain nodes store “join” and“leave” messages for particularly designated frames or packets, andthose certain nodes retransmit for particularly designated frames orpackets to nodes from which they received a join message and have notreceived a leave message.

VR—An acronym for “Virtual Reality.”

USP—An acronym for United States patent.

MC System—A partial acronym for Management Center System.

CHS—An acronym for Centralized Hub System.

ATM—An acronym for Automated Teller Machine.

PDA—An acronym for Personal Digital Assistant.

PC—An acronym for Personal Computer.

PSTN—An acronym for Public Switched Telephone Network.

NFC—An acronym for Near Field Communication.

DSL—An acronym for Digital Subscriber Line.

HetNet—A pseudo acronym for Heterogeneous Network.

WCDMA—An acronym for Wideband Code Division Multiple Access.

PCIe—An acronym for Peripheral Component Interconnect Express.

MQTT—An acronym for Message Queuing Telemetry Transport.

RPC—An acronym for Remote Procedure Call.

HTTP—An acronym for HyperText Transfer Protocol.

gRPC—An open source RPC that uses HTTP/2 (an updated revision to HTTP)for Protocol Buffers as the interface description language.

3. DESCRIPTION OF THE BACKGROUND

Different types of networks provide different values for data rate andlatency. Networks using power cables as communication lines haverelatively low bandwidth and relatively low latency. WiFi networks haverelatively high bandwidth and relatively low latency. Many cellularnetworks use 2G, 3G, and 4G, and will use 5G. Cellular networks haveintermediate bandwidth and relatively high latency.

Sensors transduce values of physical properties and normally providetransduced values that are time dependent analog signals. These timedependent analog signals are normally converted to sequential digitalvalues representing the values of the physical property measured by thesensor's transducer, using a circuit including an ADC operating at asampling rate. Common types of sensors include: temperature, proximity,pressure, water quality, chemical, gas, smoke, infra red, level (of aliquid), image, motion, acceleration, gyroscopic, humidity, and optical.

4. SUMMARY OF THE DISCLOSURE 4.1 Novel IOT Networks and Methods ofMaking, Configuring, and Using Them

Novel IOT networks and methods of making, configuring, and using themare disclosed herein.

In some embodiments, novel IOT networks can be dynamically configured.The dynamic configuration, for example, may be performed by one or moreof hardware, firmware, and/or software resident in the network. Thedynamic configuration may for example adjust network structure andcommunication parameters. The dynamic adjustment may for example be inresponse to correlation of values for physical properties received bysensors of the network. The values of the physical properties are oneform of sensor data. This sensor data is generate by sensors atspatially diverse geographic locations and typically providesmeasurements of physical properties at those locations.

In some examples, dynamically configuring the IOT network may includemoving processing functions and tasks between network nodes, Fogdevices, and Edge devices. Dynamically configuring may include changingprocessing functions and tasks being performed by the novel IOT network.

In some examples, dynamically configuring the IOT network may be aresponse of the network to sensor data. Dynamically configuring maycomprising, making and breaking links between network nodes. Dynamicallyconfiguring may comprising, changing routing priority associated withdifferent types of data.

The novel IOT network functions to preferably adjust network structureand communication parameters by applying an algorithm to data, includingthe sensor data from plural sensors. The sensor data used by thealgorithm may include sensor data obtained over a period of time. Thesensor data may include sensor data obtained from sensors located atgeographically disparate locations. The sensor data may include sensordata transmitted from sensors to different nodes of network. Each nodeof the network that communicates with a sensor, may communicate withplural sensors. However, each sensor typically communicates with onlyone node of the network.

The algorithm may determine the first and second time derivatives of thesensor data from any one or more or all of the sensors. The algorithmmay determine the first derivative of the sensor data, and the secondderivative of the sensor data.

The algorithm may respond to the sensor data, the first derivative ofthe sensor data, and the second derivative of the sensor data, bydynamically prioritizing communications to and from sensors havingvalues outside a relatively normal range, from sensors providing valuesthat have relatively large first time derivatives, and from sensorsproviding values having relatively large second time derivatives.

The algorithm may model the spatial progression of variation in valuesof sensor data, variation in first time derivatives, and variation insecond time derivatives. From this modeling, the algorithm may predictspatial and temporal changes in environmental properties correspondingto the sensor data.

The algorithm may use the results of the model to predict sensors inlocations expected to experience abnormal sensor values, and large firstand/or second time derivatives of sensor data.

The algorithm may respond to the predictions by dynamically prioritizingcommunications to and from sensors predict to be in locations that willhave abnormal values, and large first and/or second time derivatives ofsensor data.

Dynamically prioritizing communications to certain sensors comprises oneor more of changing network structure and communication parameters.

For example, dynamically prioritizing communications to and from aparticular sensor may comprise instructing a first node that receivescommunications directly from a sensor to increase transmission powerand/or wirelessly link to a more network node further away from the nodeto which the first node previously linked.

For example, dynamically prioritizing communications to and from aparticular sensor may comprise instructing a first node that receivescommunications directly from a sensor to increase transmissionfrequency, to more frequently provide data from the sensor to adestination.

For example, dynamically prioritizing communications to and from aparticular sensor may comprise instructing a first node that receivescommunications directly from a sensor to switch modulation from BPSK toQPSK to increase data transmission rate.

For example, dynamically prioritizing communications to and from aparticular sensor may comprise instructing control electronicscontrolling the sensor to increase the sensors sampling rate and/orresolution.

For example, dynamically prioritizing communications to and from aparticular sensor may comprise traffic shaping and QOS of packetsoriginating from that particular sensor. One mechanism to provide fortraffic shaping and QOS of packets is to include a sensor ID, orgeographic region ID, in packet control data fields in the header of thepackets. One or more nodes in the network may inspect packet headers todetermine a sensor ID, or geographic region ID. That node may determinewhether to promptly forward the inspected packet depending uponcomparison of sensor ID, or geographic region ID, to values or rangesthat node stores in memory associated with high priority. That node mayalso determine to buffer, that is delay, transmission of packets whose asensor ID, or geographic region ID do not match values or ranges thatnode stores in memory associated with high priority.

The algorithm may respond to the sensor data, the first derivative ofthe sensor data, and the second derivative of the sensor data, bydynamically adjusting communication parameters, bandwidth, data rate,latency, transmitted power, size of data package, data packagestructure, modulation scheme, coding scheme, receiving sensitivity, andnodes of network and network structure.

The novel IOT network preferably includes algorithms that can adjust theforegoing parameters based upon IOT network requirements. Theserequirements may vary depending upon the goal of the entities using thenetwork, or by industry.

One example is an IOT network containing sensors designed to determineif fire is present. The IOT sensors may sensors that monitortemperature, humidity, atmospheric gas content, and smoke. Fires evolverapidly. It is therefore desirable to provide sensors in the vicinity ofa fire with higher data rates, sampling times, and lower latency. Theforegoing algorithm may function to identify fires by correlating datafrom sensor to sensor location. Upon identifying a fire, the algorithmmay respond by increasing the responsiveness of sensors at the locationof the fire and in locations predicted by the algorithm's predictivemodeling to soon be in the fire. Consequently, the network and providemore responsive time feedback on the fire to personnel. Consequently,the network and provide more responsive time feedback on the fire toautomated response equipment designed to respond to a fire.

The software that carries out the dynamic adjustment for the IOT networkmay be centralized in one component or spread among multiple componentsof the network.

In one example, a CHS includes the hardware, software or firmware tocarry out at least some and optionally all of the dynamic configuration.

In another example, an MC System includes the hardware, software orfirmware to carry out at least some and optionally all of the dynamicconfiguration.

In conjunction with providing the dynamically configurable IOT network,one or more embodiments of the invention provide efficient integrationfor Internet, wireless networks, cable, DSL, satellite, and TVcommunications to enable communications among potentially different userterminals. The user terminals include home and office appliances (suchas TV, computer) and wireless terminals (such as mobile phone, PDA). Ina system configured according to this aspect, an MC System receives,selects, converts, compresses, decompresses, and routs data to the userterminals. Various examples are presented and will be apparent to theordinarily skilled artisan once instructed according to the teachings ofthis aspect. By way of example, signals such as those from a fire alarmor theft sensor are sent through the MC System to a user's cell phoneand/or 911 Center. The corresponding sensor data from these sensors isalso used to carry out the dynamic configuration of the IOT network. Inthis aspect, some processing functions may be performed by the MC Systemin combination with other components, such as a user terminal, other MCSystems, the CHS, etc.

4.2 MDTU (Multimode Data Transmit Unit)

A multimode data transmit unit (MDTU) is an IOT network node thatreceives sensor data directly from one or more sensors, and transmits atleast some of that sensor data to other nodes of the network. An MDTUpreferably is capable of receiving data from different sensorstransmitted to it using different transmission modes and protocols. Thenovel IOT network comprises at least one and preferably a large numberof MDTUs.

An MDTU comprises a digital computer which comprises a CPU, digitalmemory, a data bus, data communication lines and/or wirelesstransceiver, digital memory, and software and data resident in thememory. The resident software comprises an operating system controllinginteraction of the CPU and other physical components of the MDTUenabling the CPU to read and write data to and from the memory, to sendcontrol signals circuitry controlling the data communication linesand/or transceiver to communication settings between the MDTU and otherdevices, and to send and receive data using the data communication linesand/or transceiver. The resident software configures the MDTU to applythe hash function to certain data and to encrypt certain data fortransmission to other nodes, and preferably also to integrated sensors,and to authenticate and decrypt certain data received from other nodesand preferably integrated sensors. The MDTU's hardware may includestatic memory in addition to read writable memory.

The static memory and/or read writable memory preferably stores at leastone hash function and at least one encryption algorithm for use inhashing and encrypting data for transmission.

Preferably, the resident software and/or hardware implement a clockfunction. The clock function preferably stores at least one time valuein the memory. The software preferably is configured to read this memoryto retrieve at least one time value stored in memory by the clockfunction. The software preferably comprises a clock calibration routinethat reads a value contained in a time signal transmitted to the MDTU.The clock calibration routine preferably resets the MDTU's clockfunction to provide the same time value as other nodes of the network.The resident software may also configure the MDTU to receive a networkvalue broadcast and/or IP multicast within the network to the MDTU,store that value in memory, and use that value instead of or in additionto a time value, as an input to a hash function.

An MDTU preferably comprises a transceiver. The transceiver maycomprises an antenna, a mixer, and an ADC and a DAC. The transceiver maycomprise software defined radio elements including one or more ofmixers, filters, amplifiers, modulators/demodulators, implemented bysoftware, and active electronics antenna configurations controlled bysoftware.

Preferably, the MDTU comprises software for instructing integratedsensors to use specified transmission and reception frequencies orfrequency bands, data rates, transmitted power, size of data package,data package structure, modulation scheme, information coding scheme,and receiver sensitivity, and integrated sensor configurable antennaconfigurations. That is, MDTU preferably comprise software forcontrolling integrated sensor communication parameters.

Preferably, the MDTU receives messages from an integrated sensor in theform of data transmit units.

An MDTU is designed to be capable of communicating with multiplesensors, either wirelessly or via wired connections. For example, usingRS-232 or IEEE-485 communication specifications. In one embodiment, eachMDTU communicates with 11 different sensors. Some or all of the sensorsmay be embedded in the MDTU as integrated elements in a commonmechanical structure.

An MDTU transmits sensor data to one or more other nodes of the network.An MDTU may process sensor data and then transmit to another node theresults of processing. The MDTU may change encoding of sensor data andtransmit to another node the sensor data in the newly encoded format. AnMDTU may receive data from different sensors encoded in differentspecifications, and convert the data from the sensors to a commonencoding specification. The MDTU may use the data from the sensorsencoded in the common specification to form data transmit unitscontaining that data for transmission to other nodes of the network.

For example, and MDTU may convert analog voltage representingtemperature, to a digital value representing temperature in Kelvin, andthen encode in some specification both the digital value and anindicator that the digital value represents temperature in Kelvin, as abinary sequence, and then form one or more data transmit unitscontaining the binary sequence. The data transmit units may be packetsconfirming to TCP/IP.

Preferably, an MDTU has sufficient digital calculation capability sothat it can be configured to provide significant EDGE computingcapabilities.

An MDTU may also provide the functions of an MC System as described inU.S. Pat. No. 9,912,983. The MDTU may link to a centralized hub asdescribed for an MC System in U.S. Pat. No. 9,912,983. The MDTU may linkdirectly or indirectly to nodes or gateways of various networks,including the Internet, cellular networks, PSTNs, and various serviceprovider networks, as described for an MC System in U.S. Pat. No.9,912,983.

An MDTU may also provide the functions of a centralized HUB system (CHS)as described in U.S. Pat. No. 9,912,983, and may link to an MC system,as described for a CHS in U.S. Pat. No. 9,912,983. An MDTU may link tomore than one node of the IOT network. An MC system, as described inU.S. Pat. No. 9,912,983, may be a node of the IOT network.

4.3 Uses of IOT Network

Sensors of the novel IOT network may be associated with an integratedwireless transmitter, and wirelessly communicate pursuant to aspecification for communicating data to an MDTU. Sensors of the novelIOT network may, alternatively, be physically integrated into an MDTU,in which case the MDTU receives the signal from the sensory typically bya conductive connection. Sensors of the novel IOT network may, also, bephysically external to an MDTU, but have a data link to the MDTU via aconductive connection. In any case, sensors of the novel IOT network canprovide their sensor output to an MDTU.

One or more of the MDTUs may implement software to correlate sensor dataand determine a response to that data. Each MDTU may correlate data fromthe sensors it directly communicates with and sensors it does notdirectly communicate with to determine a response to that data. A cloudcenter may implement software to correlate sensor data and determine aresponse to that data. Which, if any, of MDTUs and cloud centers performthe correlation function and determines a response to that data may bedetermined dynamically as explained herein above.

Different IOT network configurations may be preferable for differentpurposes or for use by different industries, such as fire control; audioservice; and home heating and air conditioning, theft prevention, andchild/day care.

A novel IOT network feature is that an edge computer, such as an MDTU,is programmed to respond to time correlation of values from pluralsensors at one location, and/or from plural sensors at plural locations.A response may be generation of a communication signal includingdetermining an address for the communication. A response may begenerating a process control signal to control a process. For example, aprocess may be closing automatically controllable fire doors, send anelevator to a floor of a building, opening a valve along a pipeline,alerting a designated set of recipients according to their storedinformation. The response may be coordinated and executed usinginformation stored in a mapping table of an MC System.

An example of a time correlation is a correlation of plural seismographsmiles apart indicating direction and magnitude of propagation of aseismic disturbance (earthquake). A time correlation between differentkinds of sensors may be an increase in temperature and detection ofsmoke, both at one location.

The novel IOT network includes data associated with sensors, whichincludes sensor ID and sensor location. Preferably, all sensors formingpart of the novel IOT network are associated with both a unique sensorID and location of that sensor. Preferably, each sensor of the novel IOTnetwork is associated with memory that stores a sensor ID and sensorlocation. That memory may be integrated with the sensor or integratedwith the MDTU. This information may be communicated to and stored in amapping table of an MC System.

The novel IOT network includes data associated with MDTU's, whichincludes MDTU network ID and preferably MDTU location.

Preferably, the novel IOT network comprises software designed toinstruct sensors having memory storing their sensor ID and location tochange their sensor ID and specify the sensor's location. For example,as the novel IOT network grows due to addition of or replacement ofMDTU's and sensors, ID conflicts may arise, and need to be resolved byreassigning IDs. As elements of the novel IOD network move from point topoint, their change in location needs to be updated so that the memoryof the novel IOD network can maintain an accurate spatial configurationof all sensors and MDTU's of the network.

Preferably, the novel IOT network comprises software designed toreconfigure the network to reassign wireless sensors from one MDTU toanother. For example, the software may determine that addition of a newMDTU to the network results in that new MDTU having a better wirelessconnection to a particular wireless sensor. The software may in thatcase instruct the old MDTU with which the sensor previouslycommunicated, to instruct the wireless sensor to conduct communicationswith the new MDTU. The novel IOT network software may perform thisdetermination of which MDTU a wireless sensor communicates with basedonly upon the distance between MDTUs and wireless sensors. However, thenovel IOT network may also base this determination upon either of bothof (1) modeling and (2) testing of signal attenuation between MDTUs andwireless sensors (such as signal strength attenuation between signalssent from or to one particular MDTU and to or from a correspondingparticular wireless sensor.)

Preferably, the novel IOT network memory stores data for all MDTUs thatare wireless capable, and all wireless sensors, which data includesfrequencies over which those wireless capable MDTUs and wireless sensorsare capable of wireless transmission.

Preferably, the novel IOT network stores data defining shapes andlocations of solid, liquid, and gaseous objects in the geographicregions where the novel IOT network's wireless devices are located.Preferably, the novel IOT network stores electromagnetic wavetransmission modeling software to model the propagation and attenuationof wireless transmission between wireless sensors and wireless capableMDTUs of the network, to estimate link attenuation between pairs ofwireless devices, including between a wireless sensor and MDTUs, andbetween pairs of MDTUs.

Preferably, the novel IOT network software is designed to select linksfor wireless sensors to MDTU's that take into account the number ofother sensors linked to each MDTU and the signal attenuation from thatwireless sensor to that MDTU. For example, if an MDTU has a limit of 10sensors it can communicate with, then an eleventh sensor would not belinked to that MDTU, even if that the link to that MDTU provided thelowest attenuation of a wireless signal sent from that sensor to anyMDTU.

Preferably, the novel IOT network software is designed to actually testreceived signal strength of various links between wireless MDTUs, andbetween a wireless sensor and various MDTU's using frequency bands overwhich the MDTUs and wireless sensors are capable to determine links thatprovide the greatest received signal strength or lowest attenuation, andalso the greatest signal to noise.

Preferably, the novel IOT network software is designed to testinterference of a link by wireless transmission from MDTUs and wirelesssensors that are not part of that link. Preferably, the novel IOTnetwork software is designed to perform this test on may possible linksbetween two MDTUs and between various wireless sensors and MDTUs.Preferably, the novel IOT network software is designed to determine manyor all wireless network links and frequencies of transmission and modesof transmission of those links, to maximize average received signalstrength in the set of links, reduce or minimize average noise in theset of links, or maximize average signal to noise in the set of links.Preferably, the novel IOT network software performs this networkanalysis, and the implements a minimization algorithm, such as amulti-variable least squares analysis, to arrive a configurations thatincrease average received signal strength, reduce average noise, orincrease average signal to noise.

Preferably, the novel IOT network also stores the sensitivity of eachreceiver for wireless devices included in the network, and stores datadefining the average background noise level as a function of frequencyfor each of the receiver locations of the network. Preferably, theminimization algorithm is constrained to select links to each devicethat result in a signal strength above the average background noiseratio for that device, and above the sensitivity threshold for thatdevice.

To minimize network induced noise, the novel IOT network may attempt tomaintain distinct transmit/receive frequency bands or use time divisionfor relatively physically closely spaced links of the network.

To minimize network induced noise and maximize signal to noise, thenovel IOT network may calculate from locations of MDTUs and sensors, adirection of a transmitter to the corresponding intended receiver, andinstruct the transmitting MDTU or sensor to configure antennaeparameters to shape its transmit beam with high intensity propagating inthe calculated direction.

To minimize network induced noise and maximize signal to noise, thenovel IOT network may attempt to maintain distinct transmit/receivefrequency bands or use time division, for relatively physically closelyspaced links of the network.

4.4 Splitting Data Stream

The novel IOT network may execute software that results in a node of thenetwork “splitting” a stream of data originating from one sensor andintended for an ultimate destination node. That node may be the MDTU towhich the sensor is linked, That node may be a node receiving a streamof data from the MDTU to which the sensor is linked.

Splitting a stream of data means operating on a data stream directed toan ultimate destination node, by transmitting different portions of thestream along different paths (nodes), that all end at the ultimatedestination node. In other words, different portions of the stream takedifferent paths, along different nodes, to the ultimate destinationnode. The stream refers to digital data. The stream may comprise digitaldata representing various phenomena, such as, but clearly not limitedto, audio signals, video signals, telemetry, control information, dataspecification information, identification information, and timeinformation. In one example, the information for carrying out thetransmission of the data stream is stored in the mapping table of an MCSystem.

Preferably the novel IOT network stores data defining values for linklatencies, link bandwidths, and rankings for data type by timesensitivity and bandwidth requirement.

Preferably, at least some of the nodes of the novel IOT network employlatency and bandwidth ranking algorithms to determine data type, andmatch data types having relatively high time sensitivity (compared toother types of data) to relatively low latency paths to their ultimatedestination node. Preferably, at least some of the nodes of the novelIOT network employ algorithms to determine data type, and match datatypes having relatively high bandwidth (compared to other types of data)to network links providing relatively high bandwidth.

Preferably, the data stream for one or more sensors contains data typeidentifiers identifying the underlying type of data in the stream.Preferably, the latency and bandwidth ranking algorithms include code toinspect the data stream and determine data type identifiers andassociated data having that type.

Preferably, the latency and bandwidth ranking algorithms include code todetermine frequency of variation of certain sensor data, and values ofcertain sensor data in the stream. And preferably, the bandwidth rankingalgorithms include activation code based upon frequency of variation ofcertain sensor data, and values of certain sensor data in the stream, toactivate splitting of the stream. For example, in case temperature valueincreases above a certain rate, or a smoke concentration value exceed aspecified level, then latency and bandwidth ranking algorithms maytrigger splitting of a data stream comprising video, smoke andtemperature data by sending the smoke and temperature data over a pathto the ultimate destination node for the stream that has low latency,and sending the video data over a path that has relatively highbandwidth, but relatively large latency. For example, the low latencypath may be over a channel using conductive power grid wires, and thehigh bandwidth high latency path may be over a channel connectingthrough a satellite.

4.5 Sensor Adjustment

Preferably the novel IOT network executes software for adjusting atleast some of its sensors. Sensor need adjustment for various reasons.Some sensors are not preset to provide correct values. Some sensors haveresponses that drift over time.

Preferably at least some of the sensors of the novel IOT network arecapable of having their values adjusted. Adjustment includes for examplean offset bias, a scale factor, and a functional form change.

For example a sensor expressing a voltage as a function of a resistancemay have a drift in voltage in case the resistance value increases overtime due for example to material fatigue. In this case, an adjustmentwould be a scale factor.

A sensor whose electronics outputs an analog value representing windvelocity as a function of measuring a wind pressure may define a squarewind pressure (wind velocity scales as the square wind generatedpressure). A spring used to transduce the pressure may stiffen overtime, and the elements of the electronics may have values that driftover time. Consequently, this sensor may require both scale, functionalform, and bias adjustments.

Adjustments may be to analog adjustment circuit elements reading thevalue from the transducer, or compensation to a digital representationof the output of the transducer. In case of adjustments to digitaloutput, this may occur proximate the sensor or remote from the sensor atsome node of the network.

Preferably the novel IOT network executes software for adjusting atleast some of its sensors based upon results of correlation withhistorical values for that sensor.

Preferably the novel IOT network executes software for adjusting atleast some of its sensors based upon results of correlation to values ofthat sensor to values of other sensors. For example, two temperaturesensors in close proximity can be assumed to measure the same averagetemperature. An average temperature for the first sensor may be used toadjust the average value of the second sensor to provide the same valuesas the first sensor. For another example, a type of sensor may have aknown variation or drift in output, as a function of time based uponmeasurement of prior sensors of the same type. The novel IOT networkexecutes software for adjusting for this known time dependent based uponthe age of the sensor and the known time dependence of drift.

Preferably the novel IOT network executes software and a correlationalgorithm for correlating values of like sensors in disparate location,by modeling, for example by interpolation using geographic positions,the most likely value for one sensor based upon a number of other nearbysensors. For example, a number of temperature sensors at ground level atdisparate locations can be used to define a two dimensional temperaturevariation at ground level, as a function of surface coordinates, that isa model of a two dimensional function, in a plane. And the value of anysensor along the plane may be assumed by the novel IOT network to be thevalue defined by the model for the corresponding point in the plane. Thenovel IOT network may then execute software to control an adjust forthat sensor to provide the value defined by the model for that sensor'slocation.

As noted, the novel IOT network may, in fact, not adjust the electronicsof an integrated sensor so that the output of that sensor provides acorrected analog or digital value. Instead, the novel IOT network maystore compensation values, or a compensation function to compensate forvalues generated by the sensor, and then apply the compensation to theoutput of the sensor, so that the resulting value is likely a moreaccurate representation of the physical value being measured than whatthe value the sensor provides. In this way, the novel IOT network maycompensate for drift in sensor outputs relative to the actual value ofthe physical parameter, without actually adjusting the sensor'stransducer, analog electronics, or the digital values output by someintegrated sensors.

4.6 Downlink Channel Dynamic Adjustment

Preferably the novel IOT network executes software to dynamically adjustsensor data sampling rate, data precision, and frequency oftransmission. That is, the downlink signal from an MDTU instructs thesensor to change at least one of that sensor's sampling rate, dataprecision, and frequency of transmission. The network software mayinstruct adjustment as a result of data received by the network, and asa result of network condition. For example, the network software mayrespond to a large number of sensors providing abnormal indications,such large audio signals, or unusual brightness, in one region byreducing the data precision and increasing the frequency of transmissionof other sensors in the same region or near the same region. For anotherexample, the novel IOT network may generate network usage data showingvolume of data transmission between nodes, ratio of total network CPUclock cycles per second used for processing utility software taskcompared to total network CPU clock cycles per second. That is, thenetwork may measure its fraction of data communication capacity andcalculational capacity in use. The novel IOT network may run software toreallocate utility software tasks reallocate from nodes in a geographicregion having relatively high CPU usage to nodes in a region havingrelatively low CPU usage. The novel IOT network may run software toreallocate network paths from nodes and links operating at or near theirbandwidth limit to nodes and links operating further below theirbandwidth limits. Using the same indications of high CPU usage or highbandwidth usage in a geographic region the novel IOT network may executesoftware the instructs sensors in that geographic region to reduce theirload on that region of the network, by reducing sensor data samplingrate, data precision, and frequency of transmission. The novel IOTnetwork may execute software that also identifies sensors transmittingdata across a region of the network identifies as overly loaded (in CPUusage of bandwidth) and instruct those sensors to reduce sensor datasampling rate, data precision, and frequency of transmission. Incorrespondence, the same software may instruct sensors to resume theirdefault data sampling rate, data precision, and frequency oftransmission when network conditions no longer indicate a need to reducenetwork load.

5. IOT Network Data Security, Authentication and Encryption

Preferably the novel IOT network is configured with novel security toprevent data hacking, adverse network control, and to provide messageand data authentication.

5.1 Sensor Hash

One novel security measure comprises an integrated sensor applying ahash function to a digital sequence, such as a binary sequence, whichsequence is the output of a pre-function.

5.2 Sensor Hash Pre-Function

The sensor hash pre-function, also referred to as pre-function, is afunction of at least one of digital values for the sensor's sensor ID,the sensor's sensor location, and the sensor's sensor time.

The pre-function may also be a function of additional digital values,such as the identification and/or address of the MDTU linked to thesensor, the identification and/or address of the ultimate address nodefor a message, and other IOT network node identifications and/oraddresses that can form a set of links from the MDTU to the ultimatenode, a digital value broadcast and/or IP multicast to a plurality ofnodes of the network, and time of receipt of a network timing pulse.

Preferably, the pre-function is also a function of part or all of asensor message in either unencrypted or encrypted form, as discussedbelow. Moreover, the sensor message may be a function of one or moresensor sample values for a physical property sensed by the sensor.

Because the sensor hash is a function of the output of the pre-function,the sensor hash is also a function of the inputs to the pre-function.Thus, the sensor hash is a function of (1) at least one of digitalvalues for sensor ID, the location, and sensor time and optionally twoor all three; (2) may be a function of the ID and network address forthe MDTU linked to the sensor, the ID and/or network address an ultimatedestination for a sensor message, and IDs and/or addresses of othernodes of the network; (3) may be a function of a digital value broadcastand/or IP multicast to a plurality of nodes of the network; (4) may be afunction of a network timing pulse; and (5) preferably is a function ofpart or all of a sensor message in either unencrypted or encrypted form.

Preferably, the pre-functions are not hash functions, and are invertiblefunctions, such as permutations of digital sequences, so that thedigital sequence input to a pre-function can be retrieved by applyingthe inverse function of the pre-function to the output of thepre-function. However, the pre-functions may be non-invertible, and thepre-functions may be hash functions.

Preferably, the integrated sensor represents the digital values asbinary data, that is as binary sequences. Preferably the pre-functionconcatenates, in a predetermined order, the binary sequencesrepresenting the digital values that are the inputs to the pre-function,and outputs the resulting concatenated sequence. Preferably, the hashfunction inputs the concatenated sequence output by the pre-function.The output of the hash function is the sensor's sensor hash.

The integrated sensor may employ different hash functions, differentpre-functions, and different encryption algorithms and encryption keys,at different times, for use with different types of messages, and fordifferent message recipients. The integrated sensor may execute softwarethat controls which hash function, pre-function, encryption algorithm,and keys, to use, depending upon time, type of message, and messagerecipient. The integrated sensor may receive instructions from an MDTUspecifying conditions for the integrated sensor to use particular hashfunctions, pre-functions, encryption algorithms, and encryption keys.

5.3 Sensor ID

The sensor's sensor ID may be either a non programmable hard coded valuestored in the sensor during sensor fabrication or a value stored inreadable and writeable memory of the sensor, and the sensor's sensor IDmay be a combination of both the non programmable hard coded value andvalue stored in readable and writeable memory of the sensor.

5.4 Sensor Time

The sensor time is a value stored in the sensor. The sensor time may bea time that the sensor will transmit a message, a time when a samplingperiod begins or ends, a time when the transduced physical value issubject to ADC conversion, a time when digital electronic encoding ofthe digitally converted sampled value occurs, or a time when the sensortransmits the encoded value. This time value need not be relativelyclose in time to when the physical parameter being measured by thesensor was sensed by the sensor. However, a time when the sensorobtained a value for a physical parameter may be included in a message.

5.5 Sensor Location

Sensor location refers to coordinates in a defined map or frame ofreference. Preferably, the sensor stores its coordinates in memory.Alternatively, or in addition, the sensor may store times of arrivals ofsignals transmitted from spatially diverse transmitters, such assatellite GPS transmitters along with identifications of the sourcetransmitters, or may store differences of times of arrivals of pairs ofsuch transmitters. The sensor location may be calculated fromdifferences of times of arrival, for signals transmitted from at leastthree transmitters, the locations of the transmitters at the times thesignals were transmitted, and the signal propagation velocity.

5.6 Sensor Message

A sensor message is a message that the sensor transmits. A sensormessage may comprise data representing measurements by the sensor of atleast one physical property, such as temperature, pressure, lightintensity, light intensity in a particular wavelength band, soundintensity, etc. Alternatively or in addition, a sensor message maycomprise information about the sensor, such as sensor status data, orfor an integrated sensor software version data, usage statistics, andany other data stored by the integrated sensor that does not correspondto measurements of physical parameters obtained by the integratedsensor.

5.7 Integrated Sensor

Integrated sensors may provide measurements of more than one physicalproperty, that is have more than one kind of transducer, and anintegrated sensor message therefor may comprise data representingmeasurements of more than one physical property.

An integrated sensor preferably includes software or hardware forapplying a hash function, and also for applying an encryption algorithm.The sensor's hardware may include hard coded routines in static memoryfor reading data including at least one of the values for sensor ID,sensor time, and sensor location, and applying the hash function to theread data.

The integrated sensor may comprise: a CPU, digital memory, a data bus, areceiver (or transceiver), digital memory, a sampling controllercontrolling sampling of the value of the physical value transduced bythe sensor, and software and data resident in the memory. The softwareinstalled on the integrated sensor comprises an operating systemcontrolling interaction of the CPU and other physical components, suchthat the CPU can read and write from the memory, and send controlsignals to the receiver (or transmitter) to specify receiver (andtransmitter) settings, and to the sampling controller to specifysettings (adjustments, sampling rate, sensitivity, precision) of signalscorresponding to values of physical parameters measured by the sensor'stransducer. The software is configured to read from the memory valuesincluding values for at least one of sensor ID, sensor location, andsensor time. The software is configured to apply at least one hashfunction to the read values. The software is preferably configured toapply at least one encryption algorithm to a portion of a message storedin the sensor's memory.

Preferably, the integrated sensor includes software or hardwareimplementing a clock function, the clock function preferably stores atleast one time value in the memory, and preferably the software isconfigured to read this memory to retrieve at least one time valuestored in memory by the clock function. Preferably, the softwarecomprises a clock calibration routine that reads a value contained in atime signal transmitted by the MDTU. The clock calibration routinepreferably resets the integrated sensor's clock function to provide thesame as the time value of the time received from the MDTU. Theintegrated sensor may also be programmed to receive a network valuetransmitted from the MDTU, store that value in memory of the integratedsensor, and use that value instead of or in addition to a time value,when generating a sensor hash. The network value transmitted from theMDTU may be a value broadcast and/or IP multicast within the network.

The integrated sensor may comprise a transceiver for receiving data froman MDTU and transmitting data to an MDTU. The transceiver comprises anantenna, a mixer, and an ADC. Alternatively, the integrated sensor maybe linked to the MDTU by a wired network connection, or by a system bus.

Preferably, the integrated sensor comprises software responsive tosignals from an MDTU defining at least one of the integrated sensors'stransmission and reception frequencies, or frequency bands, data rate,transmitted power, size of data package, data package structure,modulation scheme, information coding scheme, and receiver sensitivity.That is, integrated sensor can preferably be controlled by signals froman MDTU. 5.8 Sensor message authentication using sensor hash 5.8.1Conventional authentication

Nodes of the novel IOT network receive data transmit units containingboth a payload and a sensor hash. The receiving node may apply a hashfunction to the payload to determine if the payload is authentic. If thesensor applied the same hash function as the receiving node, to thepayload in the data transmit unit, then a match of the receiving nodehash and the sensor hash indicates the payload is authentic.

5.8.2 Unconventional Authentication

The integrated sensor and nodes of the novel IOT network however maytransmit data transmit units that have payloads that do not include allbits of a binary sequence used to generate the hash included in the datatransmit unit. In these implementations, a node receiving the datatransmit unit may still authenticate the a data transmit unit. Thereceiving node may do so by guessing the missing binary bits from thepayload necessary to compute the sensor hash. The receiving node canguess the missing bits by knowing the specification for the missing dataand possible values for the missing bits. The specification for themissing data includes bits for: at least one of digital value for sensorID, sensor location, and sensor time. The specification for the missingdata may includes bits for either of both of the other ones of digitalvalues for sensor ID, sensor location, and sensor time. Thespecification for the missing data may also include: IDs and networkaddress for network nodes; digital values broadcast and/or IP multicastto a plurality of nodes of the network; and time values associated withnetwork timing pulses. A receiving unit that guesses the correct valuesfor missing data and computes the hash of the missing data and payload,the receiving nodes hash will equal the sensor hash.

A receiving node can cycle through permutations of the values formissing data, compute hashes of those permutations in combination withthe payload, and compare each of those hashes to the sensor hash. Amatch indicates both authentication of the payload, and identifies tothe receiving node, the missing data.

The missing data and the payload are referred to as test data. Nodes ofthe novel IOT network that receive a data transmit unit containing asensor hash may apply a hash function to test data to generate areceiving node hash. Preferably, the test data includes at least one ofsensor ID, sensor location, and sensor time. The test data may includethe receiving node's ID and/or address, other network node IDs and/oraddresses, a digital value broadcast and/or IP multicast to a pluralityof nodes of the network, and a network timing pulse. The network nodemay compare the receiving node hash to the sensor hash. If the hashesmatch, that indicates the data transmit unit is from the sensor havingthe sensor ID, sensor location, or sensor time contained in the testdata.

Assuming authentication, the additional address information in the testdata may be interpreted by the node as instructions. For one example, ifthe receiving node's ID or network address is not present in the testdata, the receiving node may discard the data transmit unit. For anotherexample, if the receiving nodes ID or network address is in a sequenceof addresses in the data transmit unit, then the receiving node maytransmit the data transmit unit to the node having the ID or addresssequentially following the receiving node's ID or address in the datatransmit unit. For example, if the receiving nodes ID or network addressis the last ID and/or address in a sequence of IDs and/or addresses inthe data transmit unit, the receiving node may decrypt encrypted messagedata and store message data received in the data transmit unit, in nodememory.

5.9 Sensor Message Encryption 5.9.1 Entire Message Encryption

In one alternative, the integrated sensor executes an encryptionalgorithm by inputting the entire sensor message into the algorithm togenerate an encrypted version of the entire message. Subsequently, theintegrated sensor forms sufficient data transmit unit so that the entiremessage is transmitted to the MDTU.

Subsequent to entire message encryption, the integrated sensor selectssome sequence of N bits from the binary representation of the entireencrypted message. The integrated sensor includes the selected bits tobe the part of the input originating from the message, that is input tothe pre-function to generate an output of the pre-function.

Preferably, N equals the number of bits of a message to be included in adata transmit unit. The integrated sensor also generates a correspondingdata transmit unit including this sequence of N bits from the binaryrepresentation of the encrypted message. Preferably, the integratedsensor stores information identifying which sequence of bits from theencrypted message correspond to the particular output of thepre-function. The integrated sensor will then be able to retrieve thesequence of N bits from the binary representation of the encryptedmessage, in order to construct the data transmit unit, by retrieving thestored information. The integrated sensor preferably generates a sensorhash from the output of the pre-function.

If N is greater than the number of bits in the binary representation ofthe entire encrypted message, the integrated sensor can pad theadditional bits of the data transmit unit.

If N is less than the number of bits in the binary representation of theentire encrypted message, then the integrated sensor may select anothersequence of N bits from the binary representation of the encryptedmessage, and generate another output of the pre-function, another sensorhash, and another data transmit unit.

The integrated sensor may repeat these steps until sensor has processedall bits of the binary representation of the encrypted message (alongwith other data) into outputs of the pre-function, and the integratedsensor has included all of the bits into corresponding data transmitunits.

5.9.2 Encrypting the Message, Portion by Portion

In one alternative, the integrated sensor executes an encryptionalgorithm by inputting a portion of the message into the encryptionalgorithm to generate an encrypted version of the message portion. Here,message portion means less than all of the message. Subsequently, theintegrated sensor calculates outputs of the pre-function, calculatessensor hashes from these outputs, and forms data transmission units.Each data transmission unit includes an output of the pre-function andthe sensor hash of that output, following the procedure just describedin the “Entire message encryption” section. Preferably, in thisalternative, the binary representation of the each encrypted messageportion has the same number of bits as the message portion of each datatransmit unit, and each data transmit unit includes exactly oneencrypted message portion.

The integrated sensor repeats the process of executing the encryptionalgorithm on portions of the message, calculating outputs of thepre-function, calculating sensor hashes, and forming data transmissionunits, until all portions of the message have been encrypted andincluded in data transmission units.

5.9.3 Encrypting Only a Portion of the Message

In another alternative, the integrated sensor encrypts some portions ofthe message and does not encrypt other portion of the message. In thisalternative, all bits corresponding to both the encrypted portion andthe unencrypted portion of the message are included as inputs to thepre-function, associated sensor hashes are calculated for each output,each output is included in a data transmit unit.

The purpose of the integrated sensor generating data transmit units isto transmit the message data. The integrated sensor transits its datatransmit units to the MDTU to which it is linked.

5.9.4 Network ID and Address Hiding

In some embodiments of th pre-function, the inputs to the pre-functionthat are not message data are decoupled from inputs that are messagedata, such that the output of the pre-function based upon specified nonmessage data input is unchanged by variations in message data. Forexample, assume the non message data input to the pre-function is asequence of binary values that are the concatenation of binary valuesfor sensor ID, sensor location, and a network ID, and that sequenceoccupies N bits. In one embodiment of the pre-function, the first N bitsof the output of the pre-function are identical to the first N bits ofthe input to the pre-function, independent of values for message data.In another embodiment of the pre-function, the first N bits of theoutput of the pre-function are a permutation of the order of values offirst N bits of the input to the pre-function, again independent ofvalues for message data. In these examples, a receiving node, knowingthe pre-function and knowing the specification for the missing datamissing from a payload, and knowing possible values for the missingdata, may guess the missing data, apply the pre-function to theconcatenation of the guess of the missing data and message data in thedata transmit unit, and apply the hash function to the output of thatpre-function to form a receiving node hash. The receiving node candetermine if the receiving node hash matches the sensor hash. A matchindicates the message is authentic and identifies the missing dataassociated with the payload.

Data transmit units normally contain address information in unencryptedform, typically as part of a header as specified by a protocol. Theaddress information is used by nodes for routing data transmit units.The data transmit units and protocol associated with this kind ofnetwork ID and address hiding may also contain address information inunencrypted form. However, they may also exclude address information andinstead rely upon the missing data specification and limited optionalvalues for missing data, and the ability of network nodes to determinethe missing data, and therefore address information, based uponauthentication. In one embodiment, a node receiving a pulse thatidentifies the missing data to include the address or ID for thatreceiving node may act on the data transmit unit, pursuant to theprotocol, such as to retransmit the pulse, decrypt the pulse, or takesome other action defined by the protocol and the data in the datatransmit unit. If the node receiving the pulse does not identify in themissing data an address or ID for that node, then that node may take noaction in response to receiving the data transmit unit, or it may multicast the data transmit unit so that other nodes can identify the missingdata and determine if they should act on the pulse based upon themissing data. If the node receiving the data transmit unit does notidentify in the missing data an address or ID for that node, but doesidentify an address or ID for another node, then that node may forwardthe data transmit unit to the other node.

Using a protocol in which the data transmit units do not include datatransmit unit address information explicitly, and instead rely uponauthentication based upon determinable missing data to determine datatransmit address information, precludes network attacks that rely uponknowledge of data transmit unit address information.

Another alternative network protocol employs the embodiment of thepre-function, in which the first N bits of the output of thepre-function are a permutation of the order of values of first N bits ofthe non message data input to the pre-function, and these N valuesinclude address information. In this protocol, the node receiving thedata transmit unit would apply the inverse function for the portion ofthe pre-function operating on the first N bits of input, to output the Nbits of non message information. This message information as noted maycontain address information.

5.9.5 Sensor Message Encryption

Another novel security measure comprises how the integrated sensorencrypts a message.

Preferably, and as noted above, message encryption occurs beforegenerating a sensor hash for a data transmit unit.

The integrated sensor implements an encryption algorithm of the typethat takes at least two inputs, one input being an encryption key, andanother input being a message. The encryption algorithm may take otherinputs.

5.10 Encryption Key Generation

The encryption key may be the output of a key generating algorithm. Thekey generating algorithm preferably is a pseudo random number generator.

Preferably, an input to the key generating algorithm is sensor data thatresults from measurement of a physical quantity (for example,temperature) in order to introduce randomness into the resulting keyvalue. Inputs to the key generating algorithm may comprise one or moreof a sensor hash, sensor location, sensor time, ID and/or networkaddresses for: the sensor's MDTU, the ultimate destination node, andother nodes; a value broadcast and/or IP multicast in the network; andtime of receipt of a value broadcast and/or IP multicast in the network.

Inputs to the key generating function may comprise a sensor hash and IDsand/or network addresses of a set of nodes defining a path from the MDTUto the ultimate destination address for a message.

The resulting encryption key generated by the integrated sensor may beshared secretly with an intended recipient using a public-keycrypto-system by encrypting the resulting encryption key using theintended recipient's public key and the asymmetric encryption algorithmspecified for the crypto-system and transmitting that resulting key tothe intended recipient in one or more data transmit units. The intendedrecipient can authenticate the received data transmit units in themanner discussed above to confirm the data transmit units originate fromthe integrated sensor. Similarly, the intended recipient MDTU cangenerate a pseudo random key using the resulting encryption keygenerated by the integrated sensor, a seed, and a pseudo random numbergenerator, and then share that resulting MDTU generated key secretlywith the integrated sensor using the integrated sensor's public key andthe asymmetric encryption algorithm specified for the crypto-system, andtransmitting that resulting MDTU generated key to the intendedintegrated sensor in one or more data transmit units. The MDTU andintegrated sensor may use either the resulting encryption key generatedby the integrated sensor or the resulting MDTU generated key, and asymmetric encryption algorithm, to encrypt messages and send datatransmit units containing those messages to one another.

Preferably, the integrated sensor stores the encryption algorithm, keygenerating algorithm, and resulting encryption key or keys, in memory.However, the algorithms may be hard coded in digital circuits. Theintegrated sensor may use the same or different encryption keys toencrypt more than one data transmit unit, or more than one message.

Symmetric encryption algorithms employ the same key for encryption anddecryption. Asymmetric encryption employs an one key for encrypting keyand another key for decrypting in a manner well known in the art, andasymmetric encryption may be used in public-private key schemes, in amanner well known in the art. An example of a symmetric encryptionalgorithm is AES-128. An example of an asymmetric encryption algorithmis RSA. Source code for implementing these and many other encryptionalgorithms are widely and freely available.

The sensor hash used for encryption may be different from the sensorhash used for authentication. For example, the hash function used forencryption may different from the hash function used for authentication.For example, hash function to provide a n digital bits may beimplemented sequentially removing all odd digital bits, checking todetermine of the result is less than 2n digits, and if so, truncatingthe result to the first n digital bits. And repeating the process forresults larger than 2n digital bits until the number of bits is lessthan 2n. Another hash function may use the same algorithm, but chose adifferent value for n.

For another example, the hash function used to generate a hash forencryption may be the same function as the hash function used forgenerating a hash for authentication, but use a different time value, ora different location value, to generate a hash. For example, the hashfunction used for encryption may use a time value based upon time ofdata acquisition, an anticipated time of message transmission, time whenthe hash used for encryption is created, when the message is encrypted,or time of an IOT network timing pulse, and may use an location value ofthe integrated IOT sensor at any one of these times. And the hashfunction used for authentication may use a time value based upon time ofdata acquisition, an anticipated time of message transmission, time whenthe hash used for authentication is generated, or time valued providedby an IOT network timing pulse, and may use an location value of theintegrated IOT sensor at any one of these times. 5.11 MDTU transmissionsand node re-transmissions

The MDTU may transmit data transmit units to the other nodes in whicheach data transmit unit contains a sensor hash resulting frominformation from the corresponding sensor from which the messageinformation in the data transmit unit originated.

For integrated sensors that are themselves physically integrated into anMDTU, everything discussed above about the function and structure of theintegrated sensor also applies to the MDTU. For example, the MDTU maygenerate and transmit the data transmit units containing message data asdiscussed above for the integrated sensor, including performing theencrypting and hashing.

For sensors that merely provide, to an MDTU, transduced values ordigital representations of transduced values, and do not perform theauthentication and encryption noted above in discussing integratedsensors, the MDTU generates and transmits the data transmit unitscontaining message data as discussed above for the integrated sensor.This includes the MDTU performing the encrypting and hashing andpreparing the data transmit units.

The MDTU may also use the sensor hash in a data transmit unit receivedfrom an integrated sensor, as the input to a pseudo random numbergenerator. The MDTU may use the output of the pseudo random numbergenerator as an encryption key. The MDTU may further encrypt messagedata in a data transmit unit using the new encryption key. The MDTU mayfurther encrypt message data of a data transmit unit using the newencryption key. The MDTU may use the output of the pseudo random numbergenerator to negotiate a secret key with another node for asymmetricencryption with that other node and then further encrypt message data ofa data transmit unit, using that new encryption key. The MDTU may inputthe further encrypted message data into a hash function, to generate anMDTU hash, and include that MDTU hash and the further encrypted messagedata in a data transmit unit, and transmit that data transmit unit.

A node receiving the data transmit unit from the MDTU may use the MDTUhash as input to a pseudo random number generator, use the output of thepseudo random number generator or the hash as an encryption key, or usethe output of the pseudo random number generator or the hash as an inputto negotiate a shared encryption key with another node using a publickey architecture, and then further encrypt message data of the datatransmit unit that node received from the MDTU, using that sharedencryption key. The node receiving the data transmit unit from the MDTUmay input the further encrypted message data into a hash function, togenerate an node hash, and include that node hash and the furtherencrypted message data in a data transmit unit, and transmit that datatransmit unit to the other node having the shared encryption key.

Any subsequent node receiving the data transmit unit from the prior nodemay use the prior node's hash as input to a pseudo random numbergenerator, or use the output of the pseudo random number generator orthe hash as an input to negotiate a shared encryption key with yetanother node using a public key architecture, and then further encryptmessage data of the data transmit unit that node received from the priornode, using that new shared encryption key. The subsequent nodereceiving the data transmit unit from the prior node may input thefurther encrypted message data into a hash function, to generate ansubsequent node hash, and include that subsequent node hash and thefurther encrypted message data in a data transmit unit, and transmitthat data transmit unit to the other node having the shared encryptionkey.

One benefit of the process of encryption and hash functions dependingdirectly or indirectly upon the sensor hash for encryption and/orauthentication is that the sensor hash may contain transduced data whichprovides the randomness required to defeat security attacks.

5.12 Example of an MDTU Hash Function and Use for Encryption

In one embodiment, a sequence of 128 bit values may represent each oneof sensor ID, sensor specified location, and time value a message wasreceived from the sensor at its linked MDTU. The MDTU forms a binarysequence of 128×3 bits by concatenating the 128 bit values representingsensor ID, location, and time. The MDTU applies a hash function to that128×3 sequence, for example resulting in a 128 bit sequence.

The MDTU may use that hash as an input to an encryption algorithm, suchas a key or as a secret for transmission by a public key architecture toanother node to negotiate a session key with that other node. Or theMDTU may use the hash as a seed for a pseudo random number generator togenerate one or more values. The MDTU may then for use the resulting oneor more values in an encryption algorithm, such as one or more keys foran encryption algorithm or as the MDTU's secret for transmission by apublic key architecture to another node to negotiate a session key withthat other node.

The MDTU executes an encryption algorithm that uses the resultingencryption key and part or all of the data from one or more sensors, andthen transmits that data to the other node of the network. For example,the MDTU may encrypt sensor data, but not destination data. For examplethe MDTU may or may not encrypt sensor ID. For example, the MDTU may ormay not encrypt it time stamp (time associated with the MDTU's receiptof the sensor data). For example, the MDTU may keep the destination data(such as network address of a node), sensor ID, sensor specifiedlocation, and MDTU time stamp, or any combination thereof, unencryptedand transmit this data in unencrypted form.

5.13 Hash Physical Location, Time, and Sensor ID. Hash (Location, Time,Sensor ID)

Network nodes each have a physical location, a time of data acquisition(for example time stamp associated with receipt of data transmit unit orcomplete stream of data transmit units defining a file or message), andan ID.

Each node may compute a hash function using as inputs at least one ofnode location, time, and node ID. The hash function inputs may alsoinclude data from one or more data transmit units received at the node.Preferably, hash function inputs comprise both time of data acquisitionand at least some of and optionally all of the content of a datatransmit unit associated with that time of data acquisition by thatnode.

Each node may use the hash it computes for encrypting a datatransmission. The node may use the hash as an encryption key, use thehash as a seed to generate a pseudo random number, or use the hash orpseudo random number as a secret for use with a public keyinfrastructure to negotiate a shared secret with another network node.It is well know generate a shares secret key using a public private keyinfrastructure negotiation.

Each node may encrypt the messages it receives prior to retransmission.Alternatively, each node may retransmit received messages withoutfurther encryption.

Each node has the capability to determine a node to which to send areceived message. This capability preferably includes the node executingcode to determine a network address to which to transmit data transmitunits containing the message. As noted above, a node may transmitdifferent data transmit units for the same message, that containdifferent kinds of data, such as video data and temperature data, alongdifferent links to the same ultimate network node. So the high bandwidthvideo data travels along one path and the low bandwidth temperature datatravels along another path, for example to minimize latency for thetemperature data, and to efficiently transmit the video data to itsdestination. This routing may depend upon network addresses stored intable in memory of the node, which table also includes a field for atleast data type, and preferably also includes fields for source ID oraddress, destination ID or address. In some embodiments, this capabilityresults from the node being able to decode unencrypted path informationin a data transmit unit, such as address information contained in apacket header. If the path, or ultimate address for the communication iscontained in the header information, as in TCP/IP, then each node caneither read the next node to which to send the communication ordetermine from the ultimate address a next node to which to send thecommunication. In packet switched networks, the contents of each packetmay be individually encrypted, or the contents of an entire message maybe encrypted and then broken up into pieces and each piece included in adata transmit unit. Each node may not encrypt the ultimate destinationaddress or ID in a data transmit unit, or may not encrypt a sequence ofnodes IDs or addresses in each data transmit unit to which thecommunication should be transmitted in sequence to reach the ultimatedestination.

Alternatively, the communication protocols may also encrypt the definedor definable communication path, such as the sequence of nodes alongwhich a communication should be forwarded, or the address of theultimate node, that is the destination address for the communication. Inthese alternatives, the encryption of the address or path information isof a form that allows each node along the communication path tointerpret the address information to either send the communication tothe next defined node along the path or to determine a next node towhich to send the communication. For example, each node may have aprivate key and a public key pair, encrypt its address based upon publickey of the target node (to which the communication will be sent fromthat node) and include the encrypted form of its address in a datatransmit unit. This would allow the recipient target node to decrypt theaddress of the sender nodes address based upon the recipient node'sprivate key. Or the sending node may encrypt and include a sequence ofnode addresses and/or IDs with the recipient target node's public key.The recipient target node could then decrypt the sequence of nodeaddresses and/or IDs with its private key. Each node may store aplurality of public keys each corresponding to the public key of adifferent node of the network, and determine the target recipient nodeby encrypting the message using that target recipient's public key. Onlythe target recipient node can would decrypt the message using itsprivate key; all other recipient nodes would fail to decrypt using theirprivate key. Decryption would, under this protocol, instruct thedecrypting node to act on the contents of the data transmit unit orunits containing the message. Failure to decrypt would, under thisprotocol, instruct the node failing to decrypt the message to take noaction in response to receipt of the contents of the data transmit unitor units containing the message, other than perhaps to log the fact thenode received and discarded the data transmit units.

5.14 Sequential Key Encryption, and Sequential Decryption to RetrieveMessage Data

In one embodiment, each node may modify at least one data transmitpacket for each message, to include the symmetric encryption key thatnode will use to further encrypt that data transmit packet, in theportion of the data transmit packet subject to encryption. In thisembodiment, when the data transmit packets arrive at their ultimatedestination node, that ultimate destination node may apply thedecryption algorithm in conjunction with the key ultimate destinationnode shares with the node that transmitted the message to it, to performa first decryption. That decrypts the key used for the prior encryptionby the prior transmitting node. The ultimate destination node may applythe decryption algorithm with the newly decrypted key, to decrypt thekey used for the yet prior encryption by the yet prior transmittingnode. The ultimate destination node may continue to sequentially applythe decryption algorithm with the newly decrypted encryption keys untilit has reversed the encryption applied by the original integrated sensorof MDTU, to thereby decrypt the original message.

In embodiments, session keys generated by the nodes are transmitted tothe ultimate network address for a sensor message along a differentcommunication path than the corresponding data. For example, when theultimate address is contained in the transmitted data, then each nodealong the path may encrypt its symmetric encryption session key andoptionally its network address or ID and optionally the network addressor ID of the node to which the node is transmitting the message, using apublic key of the ultimate address and a public private asymmetricencryption algorithm. The node may then transmit that encrypted messagecontaining key and optionally ID data, to the ultimate address. The nodemay direct encrypted message containing key and optionally ID data tosome node other than the node to which it sends the sensor message; thatis along a different path in the network than the underlying messagedata.

In a simulcast or ad hock network, the ultimate address is notpredefined. In this situation, each node may be programed (configured)to send is key data to a central key server. The nodes may be programmedto use the central key server's public key and the corresponding publicprivate asymmetric encryption algorithm to encrypt the session key andoptionally the nodes network address or ID and optionally the networkaddress or ID of the node to which the node is transmitting the message.Ultimate recipients of the encrypted data transmit units defining themessage are preferably programmed pursuant to network protocol to querythe central key server for decryption keys necessary to decrypt themessage.

5.15 Distributed Ledger, Message Authentication, Chain of Custody

Preferably, the TOT network implements sensor data authentication usinga distributed ledger and sequential permutations of the sensor hash.Preferably, the IOT network comprises a plurality of nodes that eachstores in their memory a distributed ledger showing sequence oftransactions, each transaction indicating transmission of a sensormessage from one node to the next.

Preferably, each successive node of the network receiving data transmitunits, implements a permuting function to permute the values of the bitsof the data transmit unit in the location in the data transmit unitcorresponding to the location of the sensor hash. The function is afunction of the bit values at these locations, the ID of the sendingnode, and the ID of the receiving node. The output of the permutingfunction is included in the next data transmit unit, preferably in thesame location the sensor hash was previously stored. Alternatively, theoutput of the permuting function may be stores at some other location inthe data transmit unit, as defined by an applicable protocol.

Each time a node transmits a plurality of data transmit units defining amessage, or each time the node transmits a single data transmit unit, italso transmit a ledger entry data transmit unit. The ledger entry datatransmit unit contains the ID of the previous transmitting node ID, theID of the current transmitting node, the current transmitting node'stime, and the output of the permuting function. Each successivetransmission of a message or data transmit unit results in sending of aledger entry data transmit unit. The ledger entry data transmit unitsare broadcast or IP multicast to ledger nodes programmed to store andvalidate copies of the distributed ledger.

Each ledger should contain two records for a node ID closely linked intime, with the node ID in one record in the record field indicating thatnode is receiving the message and another entry of the node ID in therecord field indicating that node is sending the message. Each ledgernodes executes code to associate these pairs of records for the samemessage in sequence, and thereby builds a sequence of record entrieslinking transmissions of the same message or message data unitscontaining the same message data between nodes. The value of thepermuting function in each transaction record is a function of the valueof the permuting function in the prior transaction record and the valuesof the node IDs in the current record. Each ledger node can thereforcalculate what the value for the permuting function should be in thecurrent ledger, by computing that value from the values in pairs ofrecords linked by node ID. Each ledger node can also check the time inpairs of records to determine if the time of receipt by a node is laterthan the time of transmission to that node of the same message or datatransmit unit. A ledger node may publish its results to the other ledgernodes of that ledger node's time sequence check and permuting functioncheck on two ledger entries for a node ID. The ledger nodes mayimplement consensus software to determine whether to accept the ledgerentry. If all or a specified number of ledger nodes confirm the outputof the permuting function matches the newer ledger entry and the timesequence of the two entries is correct, the ledger nodes may accept thenew ledger entry. Otherwise, the ledger nodes reject the new ledgerentry and do not finally include that ledger entry in the ledger. Inthis case, the ledger nodes may implement notification to the network ofrepudiation of the message or data transmit unit.

Alternatively, in an embodiment, the nodes of the network are programmedto transmit a ledger entry data transmit unit and wait for the ledgernodes to transmit back a verification that the corresponding message islegitimate, before transmitting the data transmit unit or unitscontaining the corresponding message data to the next node.

A single ledger node would be sufficient. A security benefit of pluralledger nodes is redundancy and resilience against corruption of oneledger or ledger node. A security benefit of the distributed ledger nodefor an IOT network is that the permuting function acts on an originalsensor hash that may be a function of transduced data. Transduced datais random, thereby increasing security.

5.16 Distributed Ledger, Two Factor or Multi Factor Authentication

Alternatively, in an embodiment, the nodes of the network are programmedto wait until receiving both a message or data transmit unit, and averification from one or more ledger nodes that the correspondingmessage is legitimate, before transmitting the data transmit unit orunits containing the corresponding message data to the next node. Thisprocess is analogous to the receiving node requiring two factor or multifactor authentication.

6. Virtual Reality (VR) Representation Based upon Sensor Data

6.1 Data Fields

In another aspect, a novel IOT network is programmed and/or configuredto provide a Virtual Reality (VR) based upon sensor data collected froma plurality of sensors. Preferably, the virtual reality is implementedin software. Preferably, the virtual reality predicts a time progressionof based upon sensor data collected from various sensors.

The VR comprises data structures defining a space having at least twoand preferably three dimensions. Preferably, the space is a virtualrepresentation of real physical space, and the dimensions arerepresentations of two or three physical dimensions. The representationsmay be intrinsic representations (such as a representing points on acurved surface with two coordinate values), or extrinsic representations(such as a representing a curved surface embedded in three dimensionalspace with three coordinate values). Locations in the virtual space maybe represented by a coordinate system defining axes that span the space.Each coordinate point (that is one point in the virtual space) may beassociated with plural values. These values may be representations ofquantities that are scalar, vector, second order tensor, and higherorder tensor. A quantity having values at plural coordinates in a spaceis called a field.

Examples of scalar quantities that may form fields include temperature,light intensity, sound intensity, smoke density, wind magnitude,humidity, magnetic field strength. Examples of vector quantities thatmay form fields include gradients of fields of any scalar quantity,magnetic field strength and direction, and wind speed and direction,Newtonian gravitational field magnitude and direction. Examples of rank2 tensor quantities that may form fields include the Cauchy stresstensor, electromagnetic tensor, viscous stress tensor, metric tensor,Einstein tensor, and the Stress-energy tensor.

Each one of the values stored in association with a coordinate point ofa virtual reality may be a function of values of scalar, vector, andhigher order tensors. These values may be values stored in associationwith that coordinate point, or may be a function of values stored inassociation with the same and/or another coordinate point.

For example, assume a set of three MDTUs reside at three points along aline in real space, or along an arc defining a loci of pointsapproximately defining the surface of the earth. Assume that each MDTUnormally provides sensor data for wind speed. Assume at some time themiddle MDTU's wind speed sensor fails. The IOT network may be programmedand configured to respond to the failure by using values from nearbyMDTUs to approximate a value for the middle MDTU and store thatapproximation in association with the location of the middle MDTU. Forexample, IOT networks may be programmed to calculate the average valueof the other two wind speed sensors, and store in memory that average inassociation with a location associated with the middle MDTU. Thisprovides an approximate value for the MDTU. The IOT network instead mayapproximate and store values for a failed sensor in other ways.

The IOT network instead may be programmed and configured to respond tothe failure by retrieving the last value recorded by the failed sensor,difference between that value and the average value at a time proximatewhen the middle sensor failed, of the other two wind speed sensors,determining the difference between the last recorded value and thataverage value, and then at subsequent times to when the middle sensorfailed, add that difference to subsequent average of the other twosensors to result in an estimate, and storing that estimate in memory inassociation with a location associated with the middle MDTU.

Instead of using a mere average, the IOT network may weight the inputsof the average based upon their relative distances to the middle MDTU.That is, multiply each value by the ratio of its MDTU's distance to themiddle MDTU and then divide the result by the sum of the distances ofboth outer MDTUs to the middle MDTU. Instead of using only two

MDTUs near the middle MDTU, the IOT network may average weighted valuesfrom all MDTU's within a certain distance from the middle MDTU. (Forexample, multiplying each value by the distance of its MDTU to themiddle MDTU and dividing the result by the sum of the distances of allMDTUs including in the weighted average from the middle MDTU.)

6.2 Discrete Data Time Derivatives

Time derivatives calculated from sampled digital data normally refer tocalculations based upon values at discrete time intervals instead ofcontinuous function derivatives. It is to be understood that thedetermination of first and second time derivatives require values fromat least one and two prior times, respective.

6.3 Composite Values

The IOT network may be programmed and configured to store a value inassociation with a virtual location that is a function of more than onevalue for more than one physical property for that location. Forexample, the IOT network instead may be programmed and configured tocompute a composite value that is a function of values for smokedensity, wind magnitude, and temperature from one MDTU at one point intime, and store the composite value in association with a location forthat MDTU.

6.4 Time Derivatives

For example, the IOT network instead may be programmed and configured tocompute a composite value that is a function of values for one or moreof smoke density, wind magnitude, and temperature, and first and secondtime derivative of smoke density, wind magnitude, and temperature, fromthat one MDTU at one point in time, and store the composite value inassociation with a location for that MDTU.

6.5 Spatial Derivatives

The IOT network may be programmed and configured to store one or morespatial derivative values in association with a virtual location. Eachspatial derivative value may be a function of values for a physicalproperty from more than one location, or may be a function of compositevalues for physical properties from more than one location, where thelocations are of MDTUs or sensors. The IOT network may compute eachspatial derivative value by fitting the values and locations with whichthey are associated to a function, and determining the value of thefunction at the virtual location.

6.6 Human Interfaces

Novel IOT networks may include VR display technology, for displayingscenes and optionally providing audio and other outputs from the virtualreality, to a user. For example by providing output to a conventionalflat screen computer video monitor and audio transducer, or to animmersive headset display.

Novel IOT networks may be programmed to output to an immersive headsetdisplay a video image tracking the location and orientation of the user.For example, receiving location and orientation data from the headsetidentifying the changes in physical location and orientation of theperson wearing the headset, and by performing coordinate transformationoperations on the coordinate points storing the VR data, and thencalculating a perspective view for certain values related to one or morephysical properties and display those values within the headset.

Preferably, the data defining the virtual map or image representation isupdated by a node of the IOT network within 100 milliseconds of when thenode receives the data, that is, in realtime.

6.7 Predict Progression in Time of Virtual Reality (VR).

Preferably, the IOT network is programmed to predict field values at afuture time based upon current and past values stored in the virtualreality, using field evolution algorithms.

For example, the field evolution algorithms, may input the currentvalue, and first and second time derivatives for a physical property, ora composite of physical properties, for a location in the virtualreality, to determine time progression at that location for thatphysical property of composite of physical properties.

For example, field evolution algorithms, may model the spatialdistribution of values for a physical quantity or composite quantityfrom various points in the VR at one time, and then determine from timederivatives of various points in the virtual reality, one or morevelocities for the spatial distribution, and model the variation in timealong the direction of that velocity, as propagation of the spatialdistribution along the direction defined by that velocity, as a spatialdisplacement of the spatial distribution of values for a physicalquantity or composite quantity along that direction. The field evolutionalgorithms may apply this same spatial distribution algorithm todifferent directions thereby defining different propagation velocitiesalong different directions, and at different locations.

The IOT network may be programmed to determine averages and leastsquares values for predicted field values from outputs of more one timeevolution and/or spatial evolution calculation.

6.8 Responses to and Effect on Time Evolution

The IOT network may be configured to run simulations of the effect ofresponses to sensor data on the predicted progression in time of VRscenarios, to predict how responses change time evolution. And todetermine responses that maximize a particular effect on the timeevolution of physical values.

For example, a response to a forest fire might be to drop a load of fireretardant in a particular area at a particular time. The IOT network maymodel that response as effecting a drop in temperature, a drop in smokemeasurement, a reduction in velocity of spatial displacement of thespatial distribution of values for temperature, of the like. The IOTnetwork may be configured to run simulations by varying the time of thedrop of fire retardent, and location of drop of the retardent, to modeleffect on progression of the fire. The IOT network may be configured todetermine the location and time that minimizes the velocity of the firein one direction (for example towards a building), and output thatinformation to either a person or an automated control of the vehiclethat will drop the fire retardent. The simulation may be in advance of areal fire and the results of the minimization may be stored in memory ofthe IOT network.

In general, the IOT network may use a virtual reality model of sensordata to compute most effective activity to achieve a desired change inphysical values, in response to sensor data. For example, where and howto allocate resources in response to remote sensor data. For example,where to send fire fighting equipment to most effectively contain andstop a forest fire. How to change traffic lights controlling trafficadvance of severe whether, such as a local thunderstorms approaching anarea from a certain direction, to minimize traffic congestion.

The IOT network may also store in the VR location and type of materials.For example, location of gasoline service stations, location of reactivechemical storage locations, quantity of chemical in storage, houses,commercial buildings, and zoning information therefore, such asresidential, commercial, industrial, gas line locations, power linelocations, water line locations, and communication line locations. Foreach type of location, the IOT network may store associated data, suchas a flammability value indicating degree of flammability, an explosivevalue indicating likelihood of causing an explosion in response to heat,magnitude of explosion (dependent upon quantity of material) occupancyvalue indicating the anticipated number of people at the location, andother values for the location, local traffic conditions. The IOT networkmay employ algorithms to determine from time progression predictions andthis additional data, when explosions as a result of a fire may beanticipated, and what responses if any might be effective to avoidexplosion. For example, the IOT network may predict the amount of timeto an explosion, and send an instruction to a fire response device (orperson), based upon location, time, and results of VR time progressionand response calculations, instructing on the most effective course ofaction. For example, take no action; travel to location of fire anextinguish fire; or travel to location of fire an order evacuation.

Given a suitably complete data set for a virtual reality, large numbersof possible scenarios based upon different starting conditions (such asweather, traffic, time of day, location and quantify of relevantmaterials, timing of street lights), and possible responses to thescenarios may be tested, to determine best responses. The IOT networkmay store the scenario inputs and best responses, for future use. TheIOT network may run software algorithm that checks for a match of testparameter values or ranges to stored abnormal scenarios. Upon detectinga match, the IOT network may retrieve is stored response, and transmitinformation consistent with that response, given the location, time, andconditions relevant to the detected abnormal situation. The novel IOTnetwork may also output results of VR scenarios and responses at anytime.

The VR aspects may also be used to test potential home applications. Forexample, the VR aspects may implement a database of the home environmentand provide examples of how the home environment and other conditionswould update given changes to sensor data. This could allow moreeffective control of home heating and air conditioning, more effectivedecision making regarding the implementation of updated lighting,appliances, solar panels, or the like with respect to monthly energycosts, etc.

An MC System may be configured to include the VR aspects. This MC Systempreferably includes, along with the sensor information and mappingtable, information regarding the home environment.

7. IP Multicast and Broadband

Preferably, the novel IOT network uses IP multicast and/or broadcasttechnology in wireless and wired communication network to communicatepunctually with sensors. Preferably, the novel IOT network controls somesensors in response to their sensing an abnormal situation. Preferably,the novel IOT network is configured to concentrate communication power,bandwidth and frequency of communications to one or more MDTUs andsensors related to the sensors sensing an abnormal situation, such asMDTUs and sensors an a geographic or logical region experiencing theabnormal situation.

7.1 Geographic Region Abnormality

Preferably, the novel IOT network is programmed to utilize IP multicastand/or broadcast technology to communicate punctually with a pluralityof geographically diverse sensors. Preferably, one or more nodes of thenovel IOT network determine that sensor data indicate an abnormalcondition. The sensor data may from one sensor, from a plurality ofsensors at the same location, or from a plurality of sensors atdifferent locations. The one or more nodes are programmed generate aresponse to the sensor data. The response may include instructions fortransmitting MDTU instructions, and/or sensor instructions, to aplurality of sensors associated with one or a plurality of MDTUs. Thesensors to which the responsive instructions are sent may include onlysensors distinct from those that generated the sensor data, may includea subset of the sensors that generated the sensor data, may includeexactly the same set of sensors that generated the sensor data, andpreferably include at least one of the sensors that generated the sensordata, and at least one sensor that did not generate the sensor data.Preferably, the sensors to which responsive instructions are sentinclude at least one of the sensors that generated the sensor data, anda plurality of sensors that did not generate the sensor data.

Preferably, each node that generates responsive instructions for aplurality of MDTUs and/or sensors employs IP multicast to specificallytarget the plurality of MDTUs and/or sensors to minimize the amount ofdata transmission over network links.

Moreover, when one or more nodes of the novel IOT network determine thatsensor data indicate an abnormal condition for which the novel IOTnetwork is programed to generate responsive instructions, the novel IOTnetwork executes code to determine a suitable node for receivingadditional sensor data from sensors whose data defines the abnormalityand executing software to provide responsive instructions. The resultingsuitable node will be the incident control node. The suitable nodedetermination algorithm may take as input, geographic locations of atleast one of, preferably at least two of, and more preferably all of,the sensors providing data indicating the abnormality, geographiclocations of nodes of the IOT network, node resources including CPUcapacity, memory, IOT link structure (which nodes are linked or linkablewith which other nodes and bandwidth and/or latencies for each link),and the links required for each sensor providing the sensor dataindicating the abnormality to communicate with a particular node.

The suitable node determination algorithm may estimate minimum noderesources and bandwidth resources including CPU capacity and memory,required to receive subsequent data from sensors providing the sensordata indicating an abnormality and generate and transmit the responsiveinstructions.

The suitable node determination algorithm may perform a function thatlimits possible suitable nodes for generating responsive instructions,to those nodes having sufficient resources to respond, based upon thenumber of sensors and type of sensor data of sensors indicatingabnormality, to determine a set of potential responsive nodes.

The suitable node determination algorithm may calculate the number oftotal links required for a each node of the set of potential responsivenodes to receive sensor data from sensors providing data indicatingabnormality.

The suitable node determination algorithm may calculate the sum ofgeographic distance between each node of the set of potential responsivenodes and sensors or MDTUs having sensors providing data indicatingabnormality.

The suitable node determination algorithm may calculate the sum of linklatencies of paths from sensors providing the data indicatingabnormality to each node of the set of potential responsive nodes.

The suitable node determination algorithm may calculate, instead of thesums, more general functions of the number of links, distances, andlatencies. The suitable node determination algorithm may use the sums oroutputs of the more general functions, as inputs to a node selectionalgorithm that provides values for each node of the set of potentialresponsive nodes. Alternatively, the suitable node determinationalgorithm also inputs (1) the output of the selection algorithm and (2)the estimate of node resources to provide values for each node of theset of potential responsive nodes. Preferably, the suitable nodedetermination algorithm selects a node having the largest or thesmallest output value, as the suitable node.

Preferably, the novel IOT network is programmed to instruct the suitablenode to generate responsive instructions to the abnormal sensor data.Preferably, the novel IOT network is programmed to await a signal fromthe suitable node, indicating that the suitable node is taking overgenerating responsive instructions. For example, the suitable node mayhave to install incident response software necessary to generateresponsive instructions, and that may require a finite amount of timeduring which the one or more nodes, by default, respond to sensor dataindicating abnormality. If so, preferably the one or more nodes transmitto the suitable node, their instructions and any sensor data not alsotransmitted to the suitable node during the time the abnormality wasidentified and the time when suitable node indicates it is taking overgenerating responsive instructions.

The suitable node becomes the incident control node when it takes overgenerating responsive instructions.

The incident control node may perform several functions. One functionincident control node may perform is determining from which sensors toreceive sensor data. One function incident control node may perform isdetermining to which sensors to send instructions. One function theincident control node may perform is determining what instruction tosend to sensors. One function the incident control node may perform isdetermining which other nodes to send instructions. One function theincident control node may perform is determining sampling parameters fora sensor, including sampling rate, ADC resolution, frequency of sensordata transmission from the sensor. One function the incident controlnode may perform is determining frequency of data transmissions from theMDTU associated with the sensor. One function the incident control nodemay perform is determining network path that the MDTU should use fromthe MDTU to the incident control node.

One function incident control node may perform, or that the incidentcontrol node may instruct another node to perform, or that may beperformed by another node without an instruction to do so from theincident control node, is incident modeling. This modeling preferablyuses sensor data as discussed above to predict which of the IOT sensorsat future times will be associated with the incident. For example, whichsensors the model predicts will provide abnormal values at future timesas a result of modeling of the time progression of the abnormality. Anabnormality may be for example, an atmospheric disturbance, such as aweather storm, earthquake, fire, network outage, environmentaltemperature extreme. An abnormality may be for example limited to sensordata in a single building or relatively localized area of a cluster ofbuildings, for example sensor data indicating abnormal atmosphericcontent, such as substantial carbon monoxide, carbon dioxide, naturalgas, or water vapor, or other gas concentration.

An output of incident modeling may be a set of sensors or a geographicregion for which the incident control node is programmed to generateinstructions for those sensors or sensors in those regions, or forparticular types of those sensors to transmit sensor data to theincident control node. For example, the output may be only a subset ofsensors measuring atmospheric content. For example, the output may beonly a subset of sensors measuring temperature. For example, the outputmay be only sensors providing audio and video data. An output ofincident modeling may specify a time period for each sensor, formultiple sensors based upon sensor type and location, or for all sensorsof set of sensors. Each output time period correlated to on or moresensors may form part of an instruction sent by the incident controlnode to instruct that sensor to provide to the incident control node,sensor data, during that time period. In other words, the incidentcontrol node may use the output of incident modeling to specify whichsensors send data to the incident control node, during what time periodsthe provide data to the incident control node, and the specifics of thedata frequency, precision, and transmission modes from the sensors tothe incident control node.

The incident control node may determine nodes that link it to sensorsthat have, or are anticipated by modeling, to provide abnormal sensordata. The incident control node may execute programming instructingnodes forming those links to prioritize retransmission of data eithertransmitted from specified sensors or specified geographic regions, ordata directed to the incident control node, at a higher priority thandata from the sensors generating that data would normally be transmittedor re-transmitted. The incident control node may execute programminginstructing the sensors or MDTU's to prioritize transmission orretransmission of data directed to the incident control node at a higherpriority than data from the sensors generating that data would normallybe transmitted or retransmitted. For example, in one protocol, QOS isdefined by a sequence of bit, for example 16 distinct values (4 bits),and one particular sensor data is normally transmitted in frames orpackets having a priority of 2. The incident control node may instructthe MDTU initially forming frames and packets for data from that sensorto specify priority 16 in the frames or packets.

For example, in one protocol, the incident control node specifies anincident severity level, for example as one of 16 distinct values (4bits), and transmit that sequence pursuant to a fame or packet protocolreserving specified frame or packet bit locations for incident severitylevel, and specifies a unicast group corresponding to a group nodesforming links to MDTUs related to the abnormality, and/or MDTUs relatedto the abnormality. The incident control node includes both the incidentseverity level and unicast group in a unique packet transmitted to oneor more than one other node of the IOT network, and preferably to onlyone other node of the IOT network.

7.2 Logical Region Abnormality

The foregoing related generally to geographic regions experiencing anabnormality. However, digital abnormalities may be defined by a logicalregion, such as a segment of a network, nodes programmed with particularsoftware, whether operating system or utility software, or integratedsensors containing certain programming. Situations where particular codehas been corrupted, replaced with malicious code, or malicious code hasbeen installed, may relate to a logical region. Where logical regionscorrespond to a particular geographic region, the foregoing descriptionsof the IOT network response apply.

Where logical regions do not correspond to a particular geographicregion, the novel IOT network may be programmed to respond byimplementing an incident control node selection algorithm thatdetermines a node that does not have an identified corrupted code,replaced code, or installed malicious code, and then assigning that nodeas an incident control node. Preferably, the novel IOT network alsodetermines a sequence of fallback nodes to be the incident control node,in case the existing incident control node is subsequently determined tohave identified corrupted code, replaced code, or installed maliciouscode. That is, the identification of problematic code may evolve withtime and the IOT network software may continue to determine problematiccode, and need to delegate the current incident control node to not bethe incident control node in case the IOT network software determinesthat node to be infected with problematic code.

The suitable node determination algorithm for a logical region mayperform a function that limits possible suitable nodes for generatingresponsive instructions, to those nodes having sufficient resources torespond, based upon the number of sensors and type of sensor data ofsensors indicating abnormality, to determine a set of potentialresponsive nodes.

The suitable node determination algorithm may calculate the number oftotal links required for a each node of the set of potential responsivenodes to receive sensor data from sensors providing data indicatingabnormality.

The suitable node determination algorithm for a logical region maycalculate the sum of geographic distance between each node of the set ofpotential responsive nodes indicating abnormality.

The suitable node determination algorithm for a logical region maycalculate the sum of link latencies of paths from nodes providing thedata indicating abnormality to each node of the set of potentialresponsive nodes.

The suitable node determination algorithm may compute a value for eachpotential responsive node, which depends upon one, more than one, ortotal number of links; and/or one, more than one, or all latencies;and/or estimate of potential responsive node resources, and select anincident control node based upon the output of that function.

The incident control node for a logical region abnormality may controllinks and priority of data communications to nodes determined to besubject to the abnormality; may control data paths through the IOTnetwork to avoid nodes determined to be subject to the abnormality; andmay receive communications from nodes determined to be subject to theabnormality and provide responsive instructions to those nodes; and maydetermine when nodes previously determined to be subject to theabnormality are no longer subject to the abnormality; and providechanges in network routing instructions and links and priority of datacommunications with those nodes once they the incident control nodedetermines that the other node no longer subject to the abnormality.

The incident control node for a logical region abnormality may controllinks and priority of data communications to reroute sensor datagenerate by sensors and transmitted within the IOT network to avoidnodes subject to the logical abnormality and/or the logical regionsubject to the abnormality.

The incident control node may control links and priority of datacommunications by IP multicasting or broadcasting node linkspecifications specifying node links, node link specificationsidentifying network addresses or IDs of network nodes precluded fromcarrying network data (infected nodes), instructing data transmittedfrom infected nodes be deprioritized, and instructing data transmittedfrom non-infected nodes have priority increased.

In one embodiment, the incident control node stores a list of networkaddresses or IDs of nodes determined to be infected, and broadcasts thatlist to a plurality of other storage nodes, and the IOT network runssoftware on each node specifying which one or more of a plurality ofstorage nodes to query to determine nodes of the network that have beendetermined to either be infected or be not infected. Each IOT networknode then implements instructions to prioritize data transmission to andfrom the infected and non infected nodes accordingly, and to updatetheir local copy of infected or non-infected nodes either periodically,when instructed to do so, or in response to predetermined criteria. Onesuch criteria might be a IP multicast of broadcast network transmissionindicating the logical abnormality had been eliminated from the network.One such criterial might be a rate of increase or decrease of infectednodes for an incident. Each node might determine such a rate bycomparing the number of infected nodes, or number of non infected nodes,it stores locally, as a function of time.

7.3 Combination Geographic and Logical Region Abnormality

The novel IOT network may determine a combined Geographic and LogicalRegion Abnormality, for example, when certain sensors and MDTUs aredetrimentally affected by a disturbance related to some geographicevent, such as a solar flare, forest fire, or the like which may affectboth the values of sensors providing abnormal values and the logicalfunctioning of nodes providing unstable responses due to physical damageor unintended variations in data or code stored in node memory. Thenovel IOT network may respond to such a determination by combiningfunction for determining incident response nodes and responsiveinstructions and algorithms use for each of the geographic regionabnormalities and logical region abnormalities.

8. BRIEF DESCRIPTION OF THE FIGURES

The following figures show aspects of the novel IOT networks, theirstructure, and their use. The figures are exemplary, only, to the extentrequired to comply with rule requiring drawings to illustrateembodiments of claimed elements, and are not intended to limit the noveldisclosed concepts.

FIG. 1 shows a schematic of a novel IOT network 100.

FIG. 2 shows a schematic of N6, node 110, of the novel IOT network.

FIG. 3 shows a schematic of a node MDTU1, or N1, of FIG. 1 that is anMDTU, and associated sensors.

FIG. 4 shows a schematic of an associated dumb sensor of FIG. 3.

FIG. 5 shows a schematic of an associated integrated sensor of FIG. 3.

FIG. 6 shows another schematic illustrating a novel configurable IOTNetwork 600, including an MC System and a CHS, as generally described inU.S. Pat. No. 9,912,983, which is incorporated herein by reference.

FIG. 7 is a schematic showing an IOT network 700 comprising a cloudcontroller 710 for controlling an IOT network.

FIG. 8 is a high level flow chart showing flow of functions performed bycloud controller 710 of IOT network 700.

FIG. 9 is network schematic 900 showing communication links betweensensors, an MDTU of FIG. 1, and network interfaces.

FIG. 10 is a schematic 1000 of components of one embodiment of an MDTUof FIG. 1.

FIG. 11 is a schematic 1100 of an agent (either a Network Edge agent ora Device Agent) communicating with an IOT network.

9. DETAILED DESCRIPTION OF EMBODIMENTS

Detailed Description of Embodiments

FIG. 1 shows novel IOT network 100. Network 100 is shown comprisingnodes N1 to N7. Node 100, N6, is connected to Node 5, by link 120. NodeN3 is connected to Node N1, that is element 1060, by link 130. Node N4is connected to Node N1, by link 140. Element 160 is node N1, which isalso an MDTU, identified as MDTU1. MDTU1 communicates with a pluralityof sensors, S1, S2 to Sn (n representing an integer), numbered 180, 182,183, and 183, by communication and/or control lines numbered 170, 171,172, and 173. Communication and/or control line 172 and sensor 182 areshown in dashed lines indicating they may represent a plurality ofsensors communicating data to node 160. FIG. 1 shows dashed box 150representing are relatively localized region of space surrounding node160 that contains sensors S1 to Sn, indicating that sensor dataoriginating in the IOT network from sensors communicating with node 160originates in the vicinity of node 160, for example within a 10kilometers of node 160, for example within 1 kilometer of node 160, andfor example within 100 meters of node 160. FIG. 1 shows element 160′ isa node and an MDTU identified as N2 and MDTU2 and has an associatedvicinity 160′. Node 160 also has associated sensors S1′ to Sn′ andsensor communication and/or control lines 170′. FIG. 1 also shows node160 having links to two other nodes, nodes N4 and N5.

FIG. 2 shows node 200 comprising a casing 210, CPU 220, memory 230,firmware 240, and I/O 250. The casing is optional. The memory may beorganized in various forms including logical drives and conventionallyaddressable random access memory. Not shown are conventional hardwareelements including data bus's, power supply and the like. Also not shownare contents of memory including a local operating system, codenecessary for network operations in addition to operating system, systemconfiguration data, and utility software code. The I/O represents theability to communicate with other nodes including for example a networkinterface and storage of corresponding protocols.

FIG. 3 shows MDTU node 300 including casing 310, CPU 320, memory 330,firmware 340, and I/O 350 as described for elements of FIG. 2.

FIG. 3 also shows dumb sensor 400 (Sa) within casing 310 and integratedsensor 500 (Sb) communicating with node 160 via link 380. FIG. 3illustrates configuration of an MDTU of network 100 receiving sensordata from both an internal dumb sensor and an integrated sensor.

FIG. 4 shows dumb sensor 400 comprising ground connection 410, physicalproperty transducer 420, conductive line 430. Conductive line 430outputs a voltage to input of ADC 440. ADC 440 outputs digitally sampleddata 450 (Xout). ADC 440's sampling parameters (such as precision andsampling rate) may be controlled by signals received from control line460.

FIG. 5 shows integrated sensor 500 comprising a casing 510 enclosing CPU510, memory 520, firmware 540, and I/O 550, similar to elements of FIG.2. FIG. 5 also show integrated sensor 500 comprising a dumb sensor(transducer 420, ADC 440, and control line 46) communicating with localI/O 550. Local I/O received sampled data output from ADC 440 andoptionally provides control signals to the dumb sensor on line 460. Forclarity, FIG. 5 shows MDTU 300 to illustrate that I/O 550 communicateswith an MDTU.

FIG. 6 is a schematic illustrating a dynamically configurable IOT 600comprising a CHS and an MC system. FIG. 6 shows cellular network 610;node Nx, that is node 620 of cellular network 610; MC system 640 andlinks 630 from MC system 640 to networks 660 (comprising the Internet,PSTNs, and service provider networks), to cellular network 610, and toother MC systems 670; CHS 650; and content server 680.

As shown, MC system 640 may comprise: an inside transceiver; a routingmodule; a mapping table; an outside transceiver; a content strong; aconverter; and one or more antenna.

As shown, MC system 640 may have links to WiMax, NFC, Cable, DSL, Fiber,WLAN or other transmission media and standards of CHS 650. MC system 640may optionally include content server 680.

As shown, CHS 650 may comprise a customer terminal, a keyboard, aprinter, a fire alarm, a modem, a TV set top box, a video camera, anATM, a PDA, a PC, a wireless access point, a mobile phone, an Externaldisplay, a TV set. CHS 650 may comprise other devices.

CHS 650 may comprise an MDTU, that is a network node having sensors. MCsystem 640 may also comprise an MDTU, that is a network node havingsensors.

The MC System 640 functionality includes receipt, conversion andtransmission of content in two directions. MC System 640 includesfacilities for mapping and routing content to various connected devicesand data storage for storing content that is served locally or to remotedevices. Receiving, converting and transmitting multimedia content maybe performed in two directions using the MC System 640. For example,this may include receiving and transmitting signals from one or more ofthe cellular networks, the Internet, the PSTNs, and the service providernetworks 660, other Management Centers, as well as receiving andtransmitting signals from user terminals including televisions,monitors. A variety of sensor monitoring is also implemented, includingdiaper monitoring, video camera, fire alarm, theft sensor, etc.

The MC System 640 also includes a converter module with routines forselecting, extracting, compressing, decompressing, adjusting data, andconverting the data format and/or power level and/or data packagesize/format.

The MC System 640 also includes a mapping table and a routing module.The mapping table is described further below. It matches phone numbers,cable ports, DSL ports, IP addresses, etc. The routing module is forrouting data to destinations through designated channels. The routingmodule accommodates routing the received data that is inbound from avariety of sources including but not limited to cable, broadcasttelevision and Internet. It also accommodates routing to a variety ofinterfaces found on receiving terminals, including but not limited toRS232, USB (any versions of the specification for USB), and video cableport. The routing module receives the relevant information concerningrouting from the results of looking up the same in the mapping table,and carries out the routing accordingly. The mapping table and routingmodule also include information and program code for carrying out thedynamic configuration of the IOT network.

The MC System 640 also includes data storage, such as a spinning orsolid state hard disk. This allows the MC System 640 to store content toassist faster and more efficient data receiving and transmission to userterminals. The MC System 640 may also conveniently retains convertedcontent (e.g., compressed, coded, decrypted, decompressed) forsubsequent additional access. This converted content may be providedinternally or transmitted externally from MC System 640.

When a communication is inbound to the MC System 640, it may include adata package that identifies the destination device. This may be in theform of a unique device identifier that is associated with each devicemanaged by MC System 640. The mapping table is queried for the presenceof the unique identifier. Once this is successfully performed,corresponding information regarding the processing of the communicationmay be automatically gathered from the mapping table. The information inthe data package is also connected to the IOT network dynamicconfiguration. Thus, for example, changes in sensor data may beassociated with updates for destination devices and/or routingrequirements.

Additionally, or alternatively, MC System 640 (and/or CHS 650) canobtain formatting, addressing, and other information by referencingportions of the received data package according to a predefinedprotocol. For example, information within the received data package mayindicate the format (e.g., TCP package in Internet) for transmission andthe format (e.g., data package defined by WCDMA standard in 3G) forreceiving, as well as the destination address corresponding to theconverted data format. The overhead information within the received datapackage can inform the MC/CHS regarding the next transmission protocoland matched format. That is, the data package received by the MC/CHSincludes some defined extra data besides the desired content data. Thisinformation informs the MC/CHS regarding the inbound data formattransmission protocol, and also the outbound data format and thetransmission protocol corresponding to the data format.

There may also be network-based connections, such as to a PC (or homeLAN router) or directly to a television equipped with a networkinterface card and related functionality. In these instances the addressinformation (and corresponding entries in the mapping table) wouldinclude the network address of the particular device. MC System 640 isequipped with its own network interface card and corresponding output toengage in these communications. These and other communications such asto a cellular phone via either the use of the cell phone number or adirect local wireless communication may be made, again as indicated inthe mapping table. These communications are also dynamicallyconfigurable to provide or participate in the dynamically configurableIOT network according updates in the sensor data, etc.

There may also be situations where multiple different processes andcorresponding conversion and addressing need to be applied for a givendevice. For example, a television set may be connected to both a networkconnection and the video output of MC System 640. As another example, acellular phone may have alternative communication capabilities as noted.In these circumstances, the mapping table may also include multipledifferent entries designating the address, signal format, etc. In thisfashion, the IOT network accommodates updates to communication andaddressing according to changes and updates in different situations.

Category codes includes in the mapping table information may be used toefficiently sort different forms of processing that depend uponconditions (e.g., based upon sensor data). Thus, for example, aprocessing category code #1 may be a low level priority while sensordata is relatively benign (e.g., no fire), whereas processing categorycode #2 may provide a higher level of priority and differentcommunication pathways and requirements for emergency situations (e.g.,possible fire detected, possible unauthorized entry, power outage, etc.)The processing category code may (like the device identifier) be anumber that is included in the data package.

The data package may also be variously provided to MC System 640. In oneembodiment, the data package may be contained in a header area in packetdata sent to MC System 640 by the source. Still further, at times thedata package may itself contain information used in converting and/oraddressing the appropriate device. For example, the data package itselfmay contain the network address of the destination device in lieu oflooking for the same in the mapping table. As another example, all orpart of key information for decrypting content may also be provided inthe data package. As still another example, the data package may containa flag to track an indication as to whether a virus screening processhas completed successfully.

Devices that are intended to work with MC System 640 may also beequipped with software and/or hardware that allows them to insert anddeliver the appropriate information in communications with MC System640. For example, a cellular phone may be equipped with software thatprovides the appropriately configured data package in initiatingcommunications with MC System 640 and/or configuring MC System 640 toprovide any of the dynamic IOT network features described herein.

MC System 640 variously processes data depending upon correspondingdevices and purposes for the data. For example, the data received fromcellular networks are selected and then converted to be displayed onhome or office appliances with different types of display screens.Similarly, some content can be displayed more properly by mobile phonedisplays.

In addition, some data are also compressed and re-organized at MC System640 so that they have certain data package sizes and formats formatching the requirements of the relevant transmission networks. Forexample, the signals sent from a wet diaper, fire alarm, and/or theftsensor may be transmitted to a user's cell phone or 911 Center.Additionally, either these signals or the corresponding routingcondition of information related to them is updated depending upon thesensor data. This information may be compressed before transmission overthe wireless network, which allows increased efficiency when using thewireless communication channel Additionally, security and encryptionprotocols (e.g., SSL) and error prevention protocols and coding schemes(e.g., Huffman, Solomon, or Turbo LDPC coding) may be applied to ensurethat the information that is transmitted remains secure and withouterror.

The dynamically reconfigurable IOT network also applies to homeappliances. The home appliances (e.g., TV set, PC, Handset, Printer,PALM, camera, Headset, game controller, refrigerator, etc.) may alsofunction through the (CHS), as illustrated. CHS 650 communicates with MCSystem 640 and/or Internet and/or other networks. CHS 650 can also bebuilt into a cable modem, TV set top box, or other device. The sensorsignals, for example, from a wet diaper, fire alarm, or theft sensor canalso be sent from the CHS. Finally, it is noted that CHS 650 may performthe functions described for MC System 640.

The commonly practiced wireless connection centralized by wirelessaccess point is based on WLAN technology, which is IP-orientedtechnology. Since the IP addresses may exhaust over time, each consumerelectronics item such as headset, game controller, etc. configured tohave an IP address is costly and fails to serve the user's needs well.One or more embodiments of the present invention offer two aspects inthis regard. First, an intelligent management system centered bytraditional connection equipment, such as TV set top box, cable modem,DSL modem or the like unites, manages, and optimizes the consumerelectronics' functions. Also provided is a non-IP based wirelessconnection among these consumer electronics devices.

As shown in FIG. 6, CHS 650 communicates with the Internet through ADSLor cable and cellular base stations through wireless connection. Theconsumer electronics items communicate with CHS 650 through wirelesschannels such as Bluetooth, UWB, NFC or wire line connection. CHS 650 isthe center of this wireless communication system.

A handset (e.g., cellular phone) can receive Internet data through CHS650 and/or MS instead of communicating with a cellular base station.This communication channel is more reliable, less costly, and offersimproved bandwidth compared to conventional connections between basestation and the cellular phone.

There may be a corresponding connection between CHS 650 and the cellularnetwork. This may implement a traditional wireless connection betweenCHS 650 and a cellular base station, with the communicationsimplementing conventional wireless communications protocols. Anotherpossibility is a leased line or wireless line connecting CHS 650 to thecore cellular network. CHS 650 preferably includes a WiFi routerfunction as well as the ability to route addresses between IP andcellular telephone number. It also is able to report to the cellularnetwork with regard to the location of a particular user, so thatinformation designated for that particular user may be directed to CHS650 accordingly (e.g., calls, content ordered by particular user viacellular phone, etc.). It also may include any necessary conversionfunctions. In addition to reporting the location of a user to thecellular network, MC System 640 (or CHS) may also report roaminginformation to other MC Systems (or other CHS). This allows subsequentcommunications between users without involving the cellular network.That is, a first user may be located in the covered area for a first MCSystem, and a second user may be located in the covered area of a secondMC System. While this circumstance remains, communications between thefirst and second users via their mobile terminals may involve thewireless connections from the MC Systems (as well as the connectionbetween MC Systems, which may, for example, be an IP connection).

In addition, the information sent to the cellular phone can be deliveredto a TV for a better display in accordance with another aspect of thepresent invention. Furthermore, the communication between CHS 650 and anoven with sensors and corresponding conditions can be variouslytriggered, such as through the detection of boiling water or thetemperature of the food in an oven. A signal to arouse the attention ofwhomever is cooking the food or boiling water is transmitted to the TV,acoustic system, cellular phone, computer, beeper, mobile terminal, PDA,etc.

Various sensor data may prompt corresponding communications. Forexample, a wetness sensor in a child's diaper may prompt when wetness isdetected. Corresponding signals will be delivered to TV, cellular, daycare center, etc. Similarly, fire alarms, entry alarms, power outagealarms and other prompt communications that may be dynamicallyconfigured and update according to all the contributing sensor data.

A variety of data transmission protocols may be used to transmitmultimedia content to MC System 640, including from cellular networks(e.g., 3G), Internet, Service Providers, and from other MC Systems.

A set of transmitter(s) and/or receiver(s) for connection with externalresources is equipped at MC System 640. The connection channels for datatransmission may include wired line connections (e.g., DSL, Fiber,Cable, DSL, least line, etc.) between MC System 640 and outside networks(e.g., Cellular Network, Internet, Service Provider networks).Additionally, wireless connections (e.g., WiMax, Satellitecommunications (e.g., VSAT system), traditional communications withcellular base stations, point-to-point or point-to-multipoint wirelessconnections) may provide the connection between MC System 640 andoutside networks. MC Systems may also connect, communicate, route, andrelay content among and between each other. The connections among MCSystems are structured by efficient data transmission, servicerequirement, cost, bandwidth and other resources availability, and therelationships with Internet Content Servers, Cellular Networks, localService Providers, and other MC Systems.

A variety of communications may also be applied for the communicationchannels between MC System 640 and the various local user terminals. Atthe user terminal side, the users use TV, computer, DSL modem, Cablemodem, WLAN access point, mobile terminals, and various sensors thatcommunicate with MC System 640.

A set of transmitter(s) and/or receiver(s) are equipped for the datatransmission between MC System 640 and user terminals. Communicationchannels between MC System 640 and user terminals include the following:(1) direct connection using the available transmission port/standardsuch as USB, RS232, TV cable, Ethernet, Telephone line, etc.; (2)Wireless Personal Area Network such as UWB, Bluetooth, WLAN, etc.; (3)Long-range wireless connections such as WiMax, Satellite, e.g., VSAT, TVbroadcast, etc.; or (4) Wire-line connection such as DSL, Cable,Ethernet, etc.

The data transmission between an MC System 640 and user terminals can beone-way or two-way. One-way data transmission includes data sent from MCSystem 640 to the user terminals and the data sent to MC System 640 fromuser terminals. For example, MC System 640 sends data to user terminals(e.g., advertisement broadcast to TVs, computers, mobile terminals,etc.). Similarly, the user terminals send data to MC System 640 (e.g.,signals sent from a fire alarm to an MC System.). The data transmittedbetween an MC System 640 and a user terminal is preferablybidirectional. In this circumstance, transmitter and receiver at bothsides are equipped.

The operations on data processing and transmission at an MC System 640can be shared with a plurality of user terminals and/or other MCSystems. In some circumstances, some functions of MC System 640described above can be done by a user terminal so MC System 640 isomitted. One aspect of the invention is a TV or other display that isequipped to receive RF signals sent from cellular base stations. Thecellular television demodulates, and/or compresses/decompresses data,and/or converts the signals to the appropriate format before displayingthe image/video. The conversion and transmission provided with thetelevision can also be two-way. The cellular television with a videocamera/microphone can also record and extract the multimediainformation, which can be transmitted to other users' terminals throughcellular network or Internet. The cellular television is equipped toextract and/or convert, and/or compress, and modulate the multimediainformation before sending it to the cellular base station. The cellulartelevision also preferably has a separate channel for displayingmultimedia information from the cellular network or other networksbeyond traditional TV programs. Users may also use the TV remotecontroller to dial telephone numbers like a telephone dial panel.

Referring again to FIG. 1, an MDTU may be embodied as a group ofsensors, for example corresponding to the fire alarm sensor of CHS 650.Alternatively, an MDTU may be embodied within other components, such asMC System 640 and/or CHS 650. Examples of these implementations of anMDTU are illustrated in MC System 640 and the local environment of CHS650, as illustrated in FIG. 6.

FIG. 7 shows IOT network 700 comprising a cloud controller 710 forcontrolling an IOT network. FIG. 7 also shows links 720 (dashed lines);nodes 730 (Multi-mode HetNet Nodes); and IOT devices 740 (graphicallyindicated as video recorder, mobile phone, PC, and automobile). FIG. 7distinguishes between nodes 730 linked to an IOT device 740, identifyingthose nodes with End Terminal Device Agents, and nodes 730 not linked toan IOT device 740, identifying those nodes with Network Edge Agents.

A Network Edge Agent is built-in as firmware of wireless networkequipment, i.e. base station, gateway, repeator, etc. Network Edge Agentreceives and implements policies and tasks sent from the CloudController. Network Edge Agent works closely with radio-relatedfunctions thus may dynamically change radio parameters i.e. Tx Power,Central Frequency, Bandwidth, Frame Configuration, RF Mode, etc.

A Device Agent is built-in as firmware of IoT devices. It receives andimplements policies and tasks sent from the Cloud Controller and NetworkEdge Agent, thus it may change the device's RF behavior dynamicallyaccording to the policies or tasks received from upper layer.

Heterogeneous networks (HetNet) is a term used for modern mobilecommunications networks. A modern mobile communications network iscomprised of a combination of different cell types and different accesstechnologies.

Multi-mode HetNet Node refers multiple types of HetNet-capable wirelessbase stations, including Macro cells that are used to provide coverage.Pico cells and micro cells that are used to enhance capacity in busyareas, such as train stations, shopping malls and city centers. Femtocells and Wi-Fi that are used at the office and at home. Deployment ofthese small cell are a key feature of the HetNet approach as they allowconsiderable flexibility as to where they are positioned.

Multi-mode HetNet Mesh is composed of a cluster of wireless-mesh-capableMulti-mode HetNet Nodes.

Cloud controller 710 preferably controls network 700 to improve spectralefficiency, resource utilization rate, and real-time ability. Spectralefficiency, spectrum efficiency or bandwidth efficiency refers to theinformation rate that can be transmitted over a given bandwidth in aspecific communication system. It is a measure of how efficiently alimited frequency spectrum is utilized by the physical layer protocol,and sometimes by the media access control.

Resource utilization rate is defined as the amount of a wirelesschannel's available frames that can be allocated for data payloadtransfer, divided by theoretical maximum scheduled frames in given timeslot, expressed as a percentage.

Real-time ability means the latency between transfer and receiver(usually measures as a number in microseconds).

Cloud Controller 710 is a centralized network management entity,including at least one digital processor, memory, I/O, an operatingsystem, and other software or firmware.

Cloud Controller 710 determines some or all of the parameters definingeach link in the IOT network (a link is also referred to herein as aconnection), including RAT(radio access technology), allocatedbandwidth, QoS, scheduling priority, data routes, etc. in charge of allnetwork management functions. Cloud Controller 710 semi-continuouslyupdates network elements with management message and signaling. Forexample, communicating with the rest of the network during every second,and typically sending or receiving instructions during most millisecondintervals. Cloud Controller 710 sends upper layer service requests (alsoknown as distributing policies and computing tasks) to network equipmentand devices, such as nodes 730 and IOT devices 740.

For example cloud controller 710 implements software that controlsnetwork configurations to send to the nodes 730 and IOT devices 740,which in part specifies to nodes 730 and IOT devices which devices toform or terminate links 720. For example, software that cloud controller710 implements may determine which ones of nodes 720 implementing endterminal device agents connect to which ones of IOT devices 740. Thisdetermination may be based for example upon location information for IOTdevices 740, IOT bandwidth requirement information (indicating how muchbandwidth is desired) from IOT devices 740; and node bandwidthrequirement information (indicating how much bandwidth is desired) fromnodes 730. Cloud controller 710 may for example determine to sendinstructions to specified nodes 730 to make or brake links withspecified IOT devices 740, to minimize link distance, to reducebandwidth load on specified nodes 730, or to decrease latency of signaltransmission from specified IOT devices or specified types of data froman IOT device, to a network node 730 or to cloud controller 710.

In one mode of action, cloud controller 710 detects and evaluate networkstatus periodically, such as every millisecond, second, every minute, orevery hour, based upon timing triggers. When a timer triggers, cloudcontroller 710 may calculate network status and update a network statusmatrix containing information defining the status of the network. CloudController 710 may generate tasks (including Power Adjustment,Frequency, Channel Bandwidth, Coding Scheme, Modulation, Target BLER,Required QoS, Target Latency, etc.) based upon the contents of networkstatus matrix. Cloud Controller 710 may distribute the generated tasksto the network edge (that is to Multi-mode Heterogeneous Base Stations).The Network Edge Agent may implement changes according to the receivedtasks. The Network Edge Agent may distribute changes to Device Agent ifthe task calls for changes at device side. The nodes running the NetworkEdge Agent and optionally the IOT devices running the Device Agentimplement changes and tasks specified by the instructions originated byCloud Controller 710.

In one mode of action, cloud controller 710 detects an order fromapplication layer that requires the network to allocate resourcedynamically. For example, a video emergency call is to make from abandwidth-limited multi-radio access technology. Cloud controller 710may calculate network status and update the network status matrix. CloudController 710 generate tasks (including Power Adjustment, Frequency,Channel Bandwidth, Coding Scheme, Modulation, Target BLER, Required QoS,Target Latency, etc.) to address and prioritize the emergency videocall. Cloud Controller 710 may distribute the tasks to a network edge(that is, to a suitable Multi-mode Heterogeneous Base Station that cancommunicate with the sender of the emergency call.) That Network EdgeAgent running on the Multi-mode Heterogeneous Base Station implementschanges according to the received tasks. That Network Edge Agent maydistribute changes to the Device Agent (running on the video emergencycaller's video calling device) if the task calls for changes at deviceside.

In one mode of action, cloud controller 710 detects changes in devicebehavior and recognize changes should be made due to certain devicescall for network resource. For example, cloud controller 710 may receivenetwork information indicating a surge of activated devices above somethreshold number or factor. Cloud controller 710 may run software thatindicates from the surge in activated devices that the network is goingto be required to admit mass connections in a very short coming slot.Note that a device typically has status of either active mode orinactive mode. In active mode, a device is online and likely in theprocess of transferring or receiving data to or from network nodes. Ininactive mode, the device has no data to transfer or receive. CloudController 710 may calculate network status and update the networkstatus matrix. Cloud controller 710 may generate tasks (including PowerAdjustment, Frequency, Channel Bandwidth, Coding Scheme, Modulation,Target Block Error Rate (BLER), Required QoS, Target Latency, etc.)Cloud controller 710 may distribute the tasks to network edge (that isMulti-mode Heterogeneous Base Stations). The corresponding Network EdgeAgents in the Base Stations implement changes according to the receivedtasks. The corresponding Network Edge Agents distribute changes toDevice Agents (of the device with which they are communicatingrespectively) if the task calls for changes at device side.

The network status matrix stores data elements including: applicationrequirements for applications run on IOT nodes and devices; distancebetween pairs of IOT nodes; power consumption requirement of IOTdevices; QoS (the quality of service) requirements for communicationprotocols and applications; data rate requirements; bandwidthrequirements; payload form including size of the package and codingscheme; latency of data paths; fault information for nodes; failure ordisconnection data for links between pairs of nodes; and other factorsthat may relate to decisional processing executed by Cloud controller710 to improve spectral efficiency, resource utilization, and real-timeability.

FIG. 8 is a high level flow chart 800 showing flow of functionsperformed by cloud controller 710 and controlled elements in IOT network700.

FIG. 8 show start 810, periodical time triggers 820, application layertriggers 830, device awareness triggers 840, update network statusmatrix 850, generate tasks 860, distribute tasks 870, execute tasks 880,and stop 890.

If a periodic time trigger exists, at 820, cloud controller 710initiates execution of the left column of steps 850 to 890. Cloudcontroller 710 updates a network status matrix 850 based upon datareceived from the network components in 850, executes code to generatetasks 860 and based at least in part on network status, and todistribute tasks 870 to network components based at least in partnetwork status, and cloud controller 710, nodes 730, and/or IOT devices740 execute those tasks, at step 880.

If there is no periodic time trigger, at 820, cloud controller 710determines if application layer triggers exist, at step 830. If yes,cloud controller 710 and the other network components execute steps 850to 880 as just described for periodic time triggers, but for theapplication layer triggers.

If there no application layer triggers exist, at step 830, cloudcontroller 710 determines if device awareness triggers exist, at step840. If yes, cloud controller 710 and the other network componentsexecute steps 850 to 880 as just described for periodic time triggers,but for the device awareness triggers.

FIG. 9 shows network schematic 900 including: MDTU 160, and carbonmonoxide (Co), nitrous oxide (NO), and Ozone (O3) sensors 180communicating to MDTU 160.

FIG. 9 also shows IOT Gateway 910; LAN or LAN/WiFi connection 920A,920B; routers 930A, 930B; cellular connections 940A, 940B; cellular basestations 950A, 950B; Internet I; IOT NS & AS; and client server 970.

FIG. 9 shows that MDTU may communicate with Internet and cellularnetwork connected devices, and a IOT network controller, such as cloudcontroller 710, via different data communication paths and networks.

FIG. 10 shows schematic 1000 of an MDTU of FIG. 1 comprising powermanagement and monitor, communication ports (RS232, RS485) to receivesensor data, and memory and an MTU to set messages according tocommunication specifications, and interfaces for communicating withanother IOT node (B2B connector); a source of GPS signals (B2Bconnector); cellular networks (such as 3G and 4G, for example using miniPCIe) and WiFi transmitter (for example using mini PCIe).

FIG. 11 is a schematic 1100 of an agent (either a Network Edge agent ora Device Agent) communicating with an IOT network. FIG. 11 shows anapplication of an IOT device agent (or application) communicating viavarious wireless with different network nodes using MQTT and UDPprotocols for the different communication paths, using environmentindependent gRPC for RPCs.

1. A novel IOT network, comprising: a plurality of IOT network nodes,each node comprising at least one CPU, memory, firmware, an operatingsystem, and I/O for communicating with other nodes; wherein a first MDTUis one of said plurality of IOT network nodes; a plurality of first MDTUsensors, wherein each one of said plurality of first MDTU sensors isdesigned to provide sensor data of a physical parameter to the saidfirst MDTU; wherein said MDTU is configured to retransmit sensor datafrom each one of said plurality of first MDTU sensors in the form ofmessage data units to at least one other node of the IOT network.
 2. TheIOT network of claim 1: wherein said first MDTU further comprises anetwork edge agent configured to receive and implement policies andtasks transmitted to it from a cloud controller.
 3. The IOT network ofclaim 1, further comprising said cloud controller; wherein said cloudcontroller is configured to communicate policies and tasks to pluralnodes of said plurality of IOT network nodes; and wherein said couldcontroller is configured to determine policies and tasks to transmit tosaid plural nodes based at least in part upon data received by saidcould controller from nodes of said IOT network.
 4. The IOT network ofclaim 3 wherein said cloud controller is programmed to determine andcommunicate policies and tasks to said plural nodes of said plurality ofIOT network nodes that improve at least one of spectral efficiency,resource utilization rate, and real-time ability.
 5. The IOT network ofclaim 3 wherein said cloud controller is configured to execute periodictriggers, application layer triggers, and device awareness triggers. 6.The IOT network of claim 5 wherein said cloud controller is configuredto execute application layer triggers when it finds no periodic trigger.7. The IOT network of claim 6 wherein said cloud controller isconfigured to execute device awareness triggers when it finds noapplication layer trigger.
 8. The IOT network of claim 3 wherein saidcould controller is configured to determine policies and tasks totransmit to said plural nodes based at least in part upon sensor datareceived by said cloud controller and resulting from measurement of aphysical parameter by one of said plurality of first MDTU sensors. 9.The TOT network of claim 1 wherein said first MDTU is configured totransmit sensor data from different one of said plurality of first MDTUsensors along different communication paths.
 10. The TOT network ofclaim 1 wherein said first MDTU is configured to split a stream of dataoriginating from one sensor into distinct streams and to transmit thedistinct streams of data along different communication paths.
 11. TheTOT network of claim 10 wherein said first MDTU stores latency andbandwidth limits of different communication paths in the TOT network anddetermines which communication path to send at least one of the distinctstreams based upon one of the stored latency and bandwidth limits. 12.The TOT network of claim 1, wherein said first MDTU is configured toexecute a sensor hash function on sensor data and transmit the output ofthe hash function (sensor hash) with corresponding sensor data.
 13. TheTOT network of claim 1, wherein said first MDTU is configured to seed akey generating algorithm with sensor data that results from measurementof a physical quantity and a sensor hash.
 14. The TOT network of claim1, wherein said TOT network is programmed and/or configured to provide aVirtual Reality (VR) based upon sensor data collected from a pluralityof sensors.
 15. The TOT network of claim 15, wherein said TOT network isprogrammed to determine a time evolution of said VR based upon sensordata collected from a plurality of sensors.
 16. The TOT network of claim15, wherein said TOT network is programmed to transmit instructions whensaid time evolution of said VR predicts a predetermined event.
 17. TheTOT network of claim 15, wherein said TOT network is programmed to runsimulations by varying sensor data collected from a plurality of sensorsto time evolution of simulations.
 18. The TOT network of claim 17,wherein said TOT network is configured to store results of simulationsfor at least one of geographic region abnormalities and logical regionabnormalities.
 19. The TOT network of claim 17, wherein said TOT networkis configured determine responses to simulations that are relativelyeffective in achieving a desired result.
 20. The IOT network of claim19, wherein said desired result is fire suppression.